物联网传感网络安全协议形式化研究
|
摘要
目前,对物联网的研究越来越深入,物联网在未来社会的发展和应用越来越广泛,随着各种物联网硬件和应用软件开发和研究,物联网的安全问题也凸显出来,如何对物联网的通信主体进行身份认证,如何对数据进行保密安全的传输,这是一个迫切需要研究和解决的应用需求。
安全协议在通信主体的身份认证、密钥的分配和数字签名等方面发挥着重要作用,但是,安全协议的安全性设计、分析和证明长期以来一直是信息安全研究的重点和难点问题,随着攻击的新手段和新技术不断涌现,安全协议的设计,分析和证明也在不断的接收新的挑战。
本文在当前比较公认的物联网概念和体系结构基础上,针对物联网传感网络的安全协议的形式化设计,分析和证明展开研究,主要工作为:
1、通过分析当前比较公认的物联网概念和体系结构,对物联网体系结构与传统的网络体系结构作了分析比较,得出物联网传感网络的特点和安全属性;
2、根据物联网传感网络的特点和安全属性,提出针对物联网传感网络攻击者的模型:
3、根据物联网传感网络的特点和安全属性,提出一种基于无线网络的物联网传感网络SNIT(The Sensing Network of the Internet of Things)模型;
4、针对SNIT模型,对通信主体进行抽象,提出一种基于协议元的形式化设计方法,该方法首先对协议元进行选择和设计,并对其进行基于UM击模型下的SK安全属性进行证明;
5、针对SNIT模型提出一种SNIT协议,该协议根据发起通讯请求的通信主体的不同SNIT办议又分为SNIT_C, SNIT_S_三个协议,并对三个协议进行形式化描述和攻击者建模;
6、采用CSP对SNIT协议进行形式化分析和模型验证;
7、采用串空间理论对SNIT协议进行定理证明,对模型的无穷状态空间进行推理,解决模型验证所不能完成状态空间爆炸问题;
总之,本文提出对安全协议的形式化设计、分析和证明较之于传统的非形式化设计和分析,具有较强的数学理论基础,可以保证在攻击者模型所具备的攻击条件下安全协议的可靠性,保密性和数据一致性。
Presently, the study of Internet of Things (IOT) is more and more deeper, the development and application of IOT more and more wider in the future social. The security problem of IOT come out as the Development and Research of various IOT hardware and application software, So how to implement the identification authentication of the IOT communications principal and how to transport data ensure secret and security is an application requirement that sorely need to be studied and resolved.
Security protocol is playing an important part in the identification authentication of communications principal, key distribution and digital signature and so on. But, the security design, analysis and prove have long been the important and difficulty problem to security protocols with the emerging of new attack means and technic constantly, so it is facing new challenges.
This thesis base on the concept and architecture of IOT.that is the official acceptance carrying on an investigation into the formalization design and verification of the security protocols that transport in IOT sensor network. The main research content and contributions of this thesis are below:
1. With the concept and architecture of IOT that is the official acceptance, contrasting and analyzing the architecture of IOT with the traditional.network architecture,educe the characteristics and security properties of IOT sensor network.
2. According to the characteristics and security properties of IOT sensor network, put forward a model to deal with attacker of Internet of Things sensor network.
3.According to the characteristics and security properties of Internet of Things sensor network, put forward a SNIT (The Sensing Network of the Internet of Things) model of IOT sensor network base on Wireless Network。
4. For the SNIT model, giving an abstract of communications principal, educe a formal design method that base on protocol metadata. The method first choose and design protocol metadata, and then certificate the security properties that base on UM attach model;
5.Educing a kind of SNIT protocol that is classified according to the agent which initiates communications request:SNIT_C, SNIT_M and SNIT_Sto, for SNIT model.
6. Formal analysis,model checking and verification for SNIT Protocols by CSP.
7.Adopt theorem proving for SNIT protocol by strand space theory, reasoning infinity state space of the model, solving the space explosion problem that model checking can not be.
In summation, this thesis educe formalization design, analysis and certificate for security protocol that has a great of mathematics technical and can ensure its reliability, confidentiality and data consistency under the condition of attractor model has the ability to attack compare to traditional un-formalization design and analysis.
安全协议在通信主体的身份认证、密钥的分配和数字签名等方面发挥着重要作用,但是,安全协议的安全性设计、分析和证明长期以来一直是信息安全研究的重点和难点问题,随着攻击的新手段和新技术不断涌现,安全协议的设计,分析和证明也在不断的接收新的挑战。
本文在当前比较公认的物联网概念和体系结构基础上,针对物联网传感网络的安全协议的形式化设计,分析和证明展开研究,主要工作为:
1、通过分析当前比较公认的物联网概念和体系结构,对物联网体系结构与传统的网络体系结构作了分析比较,得出物联网传感网络的特点和安全属性;
2、根据物联网传感网络的特点和安全属性,提出针对物联网传感网络攻击者的模型:
3、根据物联网传感网络的特点和安全属性,提出一种基于无线网络的物联网传感网络SNIT(The Sensing Network of the Internet of Things)模型;
4、针对SNIT模型,对通信主体进行抽象,提出一种基于协议元的形式化设计方法,该方法首先对协议元进行选择和设计,并对其进行基于UM击模型下的SK安全属性进行证明;
5、针对SNIT模型提出一种SNIT协议,该协议根据发起通讯请求的通信主体的不同SNIT办议又分为SNIT_C, SNIT_S_三个协议,并对三个协议进行形式化描述和攻击者建模;
6、采用CSP对SNIT协议进行形式化分析和模型验证;
7、采用串空间理论对SNIT协议进行定理证明,对模型的无穷状态空间进行推理,解决模型验证所不能完成状态空间爆炸问题;
总之,本文提出对安全协议的形式化设计、分析和证明较之于传统的非形式化设计和分析,具有较强的数学理论基础,可以保证在攻击者模型所具备的攻击条件下安全协议的可靠性,保密性和数据一致性。
Presently, the study of Internet of Things (IOT) is more and more deeper, the development and application of IOT more and more wider in the future social. The security problem of IOT come out as the Development and Research of various IOT hardware and application software, So how to implement the identification authentication of the IOT communications principal and how to transport data ensure secret and security is an application requirement that sorely need to be studied and resolved.
Security protocol is playing an important part in the identification authentication of communications principal, key distribution and digital signature and so on. But, the security design, analysis and prove have long been the important and difficulty problem to security protocols with the emerging of new attack means and technic constantly, so it is facing new challenges.
This thesis base on the concept and architecture of IOT.that is the official acceptance carrying on an investigation into the formalization design and verification of the security protocols that transport in IOT sensor network. The main research content and contributions of this thesis are below:
1. With the concept and architecture of IOT that is the official acceptance, contrasting and analyzing the architecture of IOT with the traditional.network architecture,educe the characteristics and security properties of IOT sensor network.
2. According to the characteristics and security properties of IOT sensor network, put forward a model to deal with attacker of Internet of Things sensor network.
3.According to the characteristics and security properties of Internet of Things sensor network, put forward a SNIT (The Sensing Network of the Internet of Things) model of IOT sensor network base on Wireless Network。
4. For the SNIT model, giving an abstract of communications principal, educe a formal design method that base on protocol metadata. The method first choose and design protocol metadata, and then certificate the security properties that base on UM attach model;
5.Educing a kind of SNIT protocol that is classified according to the agent which initiates communications request:SNIT_C, SNIT_M and SNIT_Sto, for SNIT model.
6. Formal analysis,model checking and verification for SNIT Protocols by CSP.
7.Adopt theorem proving for SNIT protocol by strand space theory, reasoning infinity state space of the model, solving the space explosion problem that model checking can not be.
In summation, this thesis educe formalization design, analysis and certificate for security protocol that has a great of mathematics technical and can ensure its reliability, confidentiality and data consistency under the condition of attractor model has the ability to attack compare to traditional un-formalization design and analysis.
引文
[1]Gordan Bitko,Tora k.bikson and Edward Balkovich. REID Security in the Workplace: Perk or Privacy? Security World International,2007,6.
[2]曹天杰,张永平,汪楚娇,安全协议,北京邮电大学出版社,2009.
[3]李建华,张爱新,薛质,李生红,网络安全协议的形式化分析与验证,机械工业出版社,2010.
[4]Sarma S.E,Weis S.A,Engels D.W,Radio-frequency identification:Secure risks and challenges.RSA Laboratories Cryptobytes,2003,6(1):2-9.
[5]Weis S.A, Sarma S.E,Rivest R.L,Engels D.W,Security and privacy aspects of low-cost radio frency identification systems.in:Hutter G,Stephan W,Ullmann M.eds,Proceedings of the 1st International Conference on Security in Pervasive Computing.Lectures Notes in Computer Science 2802.Berlin:Springer-Berlag,2004,201-212.
[6]Gustavo Rainirez GonzaLez, Early Infrastructure of an Internet of Things in Spaces for Learning,2008 IEEE International Conferenec on Advance Learning Technologies.
[7]Rhee K,Kwak J,Kim S,Won D,Challenge-response based RFID authentication protocol for distributed database environment.In:Hutter D,Ullmann M,eds.Proceedings of the 2nd International Conference on Security in Pervasive Computing(SPC 2005).Lectures Notes in Computer Science 3450,Berlin:Springer-Verlag,2005,70-84.
[8]Molnar D,Wagner D,Privacy and secutity in library RFID:Issues,practices and architectures.In:Proceedings of the 11th ACM Conference on Computer and Communications Security(CCS'04),Washington,DC,USA,2004,210-219.
[9]ITU Internet Reports, The Internet of Things, November 2005.
[10]A. Katasonov, O. Kaykova, O. Khriyenko, S. Nikitin, V. Terziyan, Smart semantic middleware for the internet of things, in:Proceedings of the Fifth International Conference on Informatics in Control, Automation and Robotics, Funchal, Madeira, Portugal, May 2008.
[11]I. Toma, E. Simperl, Graham Hench, A joint roadmap for semantic technologies and the internet of things, in:Proceedings of the Third STI Roadmapping Workshop, Crete, Greece, June 2009.
[12]W. Wahlster, Web 3.0:Semantic Technologies for the Internet of Services and of Things, Lecture at the 2008 Dresden Future Forum, June 2008.
[13]Rolf H. Weber. Internet of Things-New security and privacy challenges computer law & securityreview,26 (2010) 23-30.
[14]张彦,宁焕生,等.RFID与物联网[M].北京:电子工业出版社,2008.
[15]M. Botterman, for the European Commission Information Society and Media Directorate General, Networked Enterprise & RFID Unit-D4, Internet of Things:An Early Reality of the Future Internet, Report of the Internet of Things Workshop, Prague, Czech Republic, May 2009.
[16]G. Broll, E. Rukzio, M. Paolucci, M. Wagner, A. Schmidt, H. Hussmann, PERCI: pervasive service interaction with the internet of things, IEEE Internet Computing 13 (6) (2009)74-81.
[17]Rolf H. Weber. Internet of things-Need for a new legal environment [J]. computer law & security review 2009, (25):522-527
[18]Martin T. Wearable and ubiquitous computing[J]. Per2 vasive Computing,2003,2 (3): 8212.
[19]T. Le, M. Burmester, and B. Medeiros. Universally composable and forward-secure rfid authentication and authenticated key exchange. In ACM Conference on Information, Computer and Communications Security,2007.
[20]Satyanarayanan M. Pervasive computing:vision and challenges[J]. IEEE Personal Communications,2010,8(4):10217.
[21]Stipanicev Darko, Marasovic Jadranka. Networked em2 bedded greenhouse monitoring and control [J]. IEEE,2009:135021355.
[22]Cullar D, Estrin D, Strvastava M. Overview of sensor network[J]. Computer,2004,37 (8):41249.
[23]Heintze,J.Tygar.A model for secure protocols and their compositions.In Proceedings of the IEEE CS Symposium on Research in Security and Privacy,1994,2-13.
[24]Luigi Atzori, Antonio Iera, The Internet of Things:A survey Computer Networks 2010 [B.S,05] B. Sterling, Shaping Things-Mediawork Pamphlets, The MIT Press,2005
[25]张玉清,莫燕,吴建耀,安全协议的建模与分析:CSP方式,机械工业出版社,2005.
[DDo 81]D. Dolev and A. Yao, "On the security of public key protocols," Proc. IEEE 22nd Annual Symposium on Foundations of Computer Science, pp.350-357, Nashville,TN, USA, Oct.1981.
[26]C.A.R.Hoare, Communicating Sequential Processes,Prentice Hall International,2004.
[27]卫剑钒,陈钟,安全协议分析与设计,人民邮电出版社,2010.
[28]Canetti R, Krawczyk H.Analysis of key-exchange protocols and their use for building secure channels. In proceedings of Eurocrypt.Innsbruck, Austria,2001.453-474.
[29]I. Vazquez, Social Devices:Semantic Technology for the Internet of Things, Week@ESI, Zamudio, Spain, June 2009.
[30]Rolf H. Weber. Internet of things-Need for a new legal environment? computer law & securityreview,25(2009) 522-527.
[31]Guttman JD,Thayer FJ. Authentication tests.In:Proceedings of the 2000 IEEE Symposium on Security and Privacy.Los Alamitos:IEEE Computer Society Press,2000.150-164.
[32]Martin Pctcr Michael, ArchitcctnraL Solutions for Mobile RFID Services for the Internet of Things,2008 IEEE Congress on Services.
[33]G. Lowe, "Breaking and fixing the Needham-Schroeder public-key protocol using FDR,' Software --- Concepts and Tools, Vol.17, No.3, pp.93-102,1996.
[34]G. Santucci, Internet of the future and internet of things:what is at stake and how are we getting prepared for them? in:eMatch'09-Future Internet Workshop, Oslo, Norway, September 2009.
[35]Ran Canetti and Hugo Krawczyk. Analysis of key-exchange protocols and their use for building secure channels. Lecture Notes in Computer Science,2045:453-474,2001.
[36]Bellare M,Cannetti R,Krawczyk H.A modular approach to the design and analysis of authentication and key exchange protocols.in proceedings of the 30th Annual Symposium on the Theory of Computing.Texas,USA,1998.419-428.
[37]李谢华.基于串空间模型安全协议形式化验证方法的研究上海交通大学2007.
[38]H. Chan, A. Perrig, Security and privacy in sensor networks, IEEE Computer 36 (10) (2003)103-105.
[39]Akyildiz I F. Wireless sensor networks:a survey [J].Computer Networks,2002,38 3932422.
[40]JollIl Price,Ed Jones,Howard Kapustein,Auto-ID Reader Protocol 1.O,Auto-ID Center,2003.
[41]Fagui Liu; Yuzhu Jie; Wei Hu; Distributed ALE in RFID Middleware, Wireless Communications,Networking and Mobile Computing. WiCOM'08.4th International Conference on 12-14 Oct.2008.
[42]Mangu Hmqvist,GullIlar Stemsson, Mobile RFID:A Case from Volvo on innovation in SCM, IEEE,2006.
[43]Floerkemeier. C, Lampe.M. RFID middleware design- addressing application requirements and RFID constraints. Proceedings of Smart Objects Conference,Grenoble, France, pp.118—121,2003.
[44]L. Srivastava, Pervasive, ambient, ubiquitous:the magic of radio, in:European Commission Conference "From RFID to the Internet of Things", Bruxelles, Belgium, March 2006.
[45]R. Yuan, L. Shumin, Y. Baogang, Value Chain Oriented RFID System Framework and Enterprise Application, Science Press, Beijing,2007.
[46]Y.-W. Ma, C.-F. Lai, Y.-M. Huang, J.-L. Chen, Mobile RFID with IPv6 forphone services, in:Proceedings of IEEE ISCE 2009, Kyoto, Japan, May 2009.
[47]D.G. Yoo, D.H. Lee, C.H. Seo, S.G. Choi, RFID networking mechanism using address management agent, in: Proceedings of NCM 2008,Gyeongju, South Korea, September 2008.
[48]I. Demirkol, F. Alagoz, H. Deli 148, C. Ersoy, Wireless sensor networks for intrusion detection:packet traffic modeling, IEEE Communication Letters 10(1) (2006) 22-24.
[49]D. Chen, P.K. Varshney, QoS support in wireless sensor networks:a survey, in: Proceedings of International Conference on Wireless Networks 2004, Las Vegas, NE, USA, June 2004.
[50]J. Bukley, From RFID to the internet of things:final report, in:European Commission Conference "From RFID to the Internet of Things", Brussels, Belgium, March 2006.
[51]R. Acharya, K. Asha, Data integrity and intrusion detection in wireless sensor networks, in:Proceedings of IEEE ICON 2008, New Delhi, India, December 2008.
[52]T. Karygiannis, B. Eydt, G. Barber, L. Bunn, T. Phillips, Guidelines for Securing Radio Frequency Identification (RFID) Systems, NIST Special Publication 800-98, April 2007.
[53]R. Kumar, E. Kohler, M. Srivastava, Harbor:software-based memory protection for sensor nodes, in:Proceedings of IPSN 2007, Cambridge, MA, USA, April 2007.
[54]M. Feldhofer, S. Dominikus, J. Wolkerstorfer, Strong authentication for RFID systems using AES algorithm, in:Proceedings of Workshop on Cryptographic Hardware and Embedded Systems, Cambridge, MA, USA, August 2004.
[55]B. Calmels, S. Canard, M. Girault, H. Sibert, Low-cost cryptography for privacy in RFID systems, in:Proceedings of IFIP CARIDS 2006, Terragona, Spain, April 2006. [LCr 06] L. Cranor, et al., The Platform for Privacy Preferences 1.1 (P3P1.1) Specification, W3C Working Group Note, November 2006.
[56]J. Wickramasuriya, M. Datt, S. Mehrotra, N. Venkatasubramanian, Privacy protecting data collection in media spaces,in:Proceedings of ACM International Conference on Multimedia 2004, New York, NY, USA, October 2004.
[57]C.M. Medaglia, A. Serbanati, An overview of privacy and security issues in the internet of things, in:Proceedings of TIWDC 2009, Pula,Italy, September 2009.
[58]O. Savry, F. Vacherand, Security and privacy protection of contactless devices, in: Proceedings of TIWDC 2009, Pula, Italy, September 2009.
[59]O. Savry, F. Pebay-Peyroula, F. Dehmas, G. Robert, J. Reverdy, RFID noisy reader: how to prevent from eavesdropping on the communication? in:Proceedings of Workshop on Cryptographic Hardware and Embedded Systems 2007, Vienna, Austria, September 2007.
[60]A. Roscoe,"Modelling and verifying key-exchange protocols using CSP and FDR," Proc. Eighth IEEE Computer Security Foundations Workshop, County Kerry, Ireland, pp.98-107, June 1995.
[61]D. Dolev and A. Yao, "On the security of public key protocols," IEEE Trans. on Information Theory, Vol.29, No.2, pp.198--208, Mar.1983.
[62]M. Burrows, A. Abadi, and R. Needham, "A logic of authentication," ACM Trans. on Computer Systems, Vol.8, No.1, pp.18-36, Feb.1990.
[63]L. Gong, R. Needham, and R. Yahalom, "Reasoning about belief in cryptographic protocols," Proc.1990 IEEE Symposium on Security and Privacy, pp.234--248, IEEE Computer Society, Oakland, CA, USA, May 1990.
[64]P. Syverson and P. van Oorschot, "On unifying some cryptographic protocol logics," Proc.1994 IEEE Computer Society Symposium on Research in Security and Privacy, pp.14-28, IEEE Computer Society, Oakland, CA, USA, May 1994.
[65]Thayer FJ,Herzog JC,Guttman JD,stand spaces:Why is a security protocol correct?In:Proceedings of the 1998 IEEE Symposium on Security and Privacy.Los A lamitos:IEEEcomputer Society Press,1998.160-172.
[66]Thayer FJ,Herzog JC,Guttman JD,stand spaces:Proving security protocols correct.Journal of Computer Security,1999,7(2,3):191-230.
[2]曹天杰,张永平,汪楚娇,安全协议,北京邮电大学出版社,2009.
[3]李建华,张爱新,薛质,李生红,网络安全协议的形式化分析与验证,机械工业出版社,2010.
[4]Sarma S.E,Weis S.A,Engels D.W,Radio-frequency identification:Secure risks and challenges.RSA Laboratories Cryptobytes,2003,6(1):2-9.
[5]Weis S.A, Sarma S.E,Rivest R.L,Engels D.W,Security and privacy aspects of low-cost radio frency identification systems.in:Hutter G,Stephan W,Ullmann M.eds,Proceedings of the 1st International Conference on Security in Pervasive Computing.Lectures Notes in Computer Science 2802.Berlin:Springer-Berlag,2004,201-212.
[6]Gustavo Rainirez GonzaLez, Early Infrastructure of an Internet of Things in Spaces for Learning,2008 IEEE International Conferenec on Advance Learning Technologies.
[7]Rhee K,Kwak J,Kim S,Won D,Challenge-response based RFID authentication protocol for distributed database environment.In:Hutter D,Ullmann M,eds.Proceedings of the 2nd International Conference on Security in Pervasive Computing(SPC 2005).Lectures Notes in Computer Science 3450,Berlin:Springer-Verlag,2005,70-84.
[8]Molnar D,Wagner D,Privacy and secutity in library RFID:Issues,practices and architectures.In:Proceedings of the 11th ACM Conference on Computer and Communications Security(CCS'04),Washington,DC,USA,2004,210-219.
[9]ITU Internet Reports, The Internet of Things, November 2005.
[10]A. Katasonov, O. Kaykova, O. Khriyenko, S. Nikitin, V. Terziyan, Smart semantic middleware for the internet of things, in:Proceedings of the Fifth International Conference on Informatics in Control, Automation and Robotics, Funchal, Madeira, Portugal, May 2008.
[11]I. Toma, E. Simperl, Graham Hench, A joint roadmap for semantic technologies and the internet of things, in:Proceedings of the Third STI Roadmapping Workshop, Crete, Greece, June 2009.
[12]W. Wahlster, Web 3.0:Semantic Technologies for the Internet of Services and of Things, Lecture at the 2008 Dresden Future Forum, June 2008.
[13]Rolf H. Weber. Internet of Things-New security and privacy challenges computer law & securityreview,26 (2010) 23-30.
[14]张彦,宁焕生,等.RFID与物联网[M].北京:电子工业出版社,2008.
[15]M. Botterman, for the European Commission Information Society and Media Directorate General, Networked Enterprise & RFID Unit-D4, Internet of Things:An Early Reality of the Future Internet, Report of the Internet of Things Workshop, Prague, Czech Republic, May 2009.
[16]G. Broll, E. Rukzio, M. Paolucci, M. Wagner, A. Schmidt, H. Hussmann, PERCI: pervasive service interaction with the internet of things, IEEE Internet Computing 13 (6) (2009)74-81.
[17]Rolf H. Weber. Internet of things-Need for a new legal environment [J]. computer law & security review 2009, (25):522-527
[18]Martin T. Wearable and ubiquitous computing[J]. Per2 vasive Computing,2003,2 (3): 8212.
[19]T. Le, M. Burmester, and B. Medeiros. Universally composable and forward-secure rfid authentication and authenticated key exchange. In ACM Conference on Information, Computer and Communications Security,2007.
[20]Satyanarayanan M. Pervasive computing:vision and challenges[J]. IEEE Personal Communications,2010,8(4):10217.
[21]Stipanicev Darko, Marasovic Jadranka. Networked em2 bedded greenhouse monitoring and control [J]. IEEE,2009:135021355.
[22]Cullar D, Estrin D, Strvastava M. Overview of sensor network[J]. Computer,2004,37 (8):41249.
[23]Heintze,J.Tygar.A model for secure protocols and their compositions.In Proceedings of the IEEE CS Symposium on Research in Security and Privacy,1994,2-13.
[24]Luigi Atzori, Antonio Iera, The Internet of Things:A survey Computer Networks 2010 [B.S,05] B. Sterling, Shaping Things-Mediawork Pamphlets, The MIT Press,2005
[25]张玉清,莫燕,吴建耀,安全协议的建模与分析:CSP方式,机械工业出版社,2005.
[DDo 81]D. Dolev and A. Yao, "On the security of public key protocols," Proc. IEEE 22nd Annual Symposium on Foundations of Computer Science, pp.350-357, Nashville,TN, USA, Oct.1981.
[26]C.A.R.Hoare, Communicating Sequential Processes,Prentice Hall International,2004.
[27]卫剑钒,陈钟,安全协议分析与设计,人民邮电出版社,2010.
[28]Canetti R, Krawczyk H.Analysis of key-exchange protocols and their use for building secure channels. In proceedings of Eurocrypt.Innsbruck, Austria,2001.453-474.
[29]I. Vazquez, Social Devices:Semantic Technology for the Internet of Things, Week@ESI, Zamudio, Spain, June 2009.
[30]Rolf H. Weber. Internet of things-Need for a new legal environment? computer law & securityreview,25(2009) 522-527.
[31]Guttman JD,Thayer FJ. Authentication tests.In:Proceedings of the 2000 IEEE Symposium on Security and Privacy.Los Alamitos:IEEE Computer Society Press,2000.150-164.
[32]Martin Pctcr Michael, ArchitcctnraL Solutions for Mobile RFID Services for the Internet of Things,2008 IEEE Congress on Services.
[33]G. Lowe, "Breaking and fixing the Needham-Schroeder public-key protocol using FDR,' Software --- Concepts and Tools, Vol.17, No.3, pp.93-102,1996.
[34]G. Santucci, Internet of the future and internet of things:what is at stake and how are we getting prepared for them? in:eMatch'09-Future Internet Workshop, Oslo, Norway, September 2009.
[35]Ran Canetti and Hugo Krawczyk. Analysis of key-exchange protocols and their use for building secure channels. Lecture Notes in Computer Science,2045:453-474,2001.
[36]Bellare M,Cannetti R,Krawczyk H.A modular approach to the design and analysis of authentication and key exchange protocols.in proceedings of the 30th Annual Symposium on the Theory of Computing.Texas,USA,1998.419-428.
[37]李谢华.基于串空间模型安全协议形式化验证方法的研究上海交通大学2007.
[38]H. Chan, A. Perrig, Security and privacy in sensor networks, IEEE Computer 36 (10) (2003)103-105.
[39]Akyildiz I F. Wireless sensor networks:a survey [J].Computer Networks,2002,38 3932422.
[40]JollIl Price,Ed Jones,Howard Kapustein,Auto-ID Reader Protocol 1.O,Auto-ID Center,2003.
[41]Fagui Liu; Yuzhu Jie; Wei Hu; Distributed ALE in RFID Middleware, Wireless Communications,Networking and Mobile Computing. WiCOM'08.4th International Conference on 12-14 Oct.2008.
[42]Mangu Hmqvist,GullIlar Stemsson, Mobile RFID:A Case from Volvo on innovation in SCM, IEEE,2006.
[43]Floerkemeier. C, Lampe.M. RFID middleware design- addressing application requirements and RFID constraints. Proceedings of Smart Objects Conference,Grenoble, France, pp.118—121,2003.
[44]L. Srivastava, Pervasive, ambient, ubiquitous:the magic of radio, in:European Commission Conference "From RFID to the Internet of Things", Bruxelles, Belgium, March 2006.
[45]R. Yuan, L. Shumin, Y. Baogang, Value Chain Oriented RFID System Framework and Enterprise Application, Science Press, Beijing,2007.
[46]Y.-W. Ma, C.-F. Lai, Y.-M. Huang, J.-L. Chen, Mobile RFID with IPv6 forphone services, in:Proceedings of IEEE ISCE 2009, Kyoto, Japan, May 2009.
[47]D.G. Yoo, D.H. Lee, C.H. Seo, S.G. Choi, RFID networking mechanism using address management agent, in: Proceedings of NCM 2008,Gyeongju, South Korea, September 2008.
[48]I. Demirkol, F. Alagoz, H. Deli 148, C. Ersoy, Wireless sensor networks for intrusion detection:packet traffic modeling, IEEE Communication Letters 10(1) (2006) 22-24.
[49]D. Chen, P.K. Varshney, QoS support in wireless sensor networks:a survey, in: Proceedings of International Conference on Wireless Networks 2004, Las Vegas, NE, USA, June 2004.
[50]J. Bukley, From RFID to the internet of things:final report, in:European Commission Conference "From RFID to the Internet of Things", Brussels, Belgium, March 2006.
[51]R. Acharya, K. Asha, Data integrity and intrusion detection in wireless sensor networks, in:Proceedings of IEEE ICON 2008, New Delhi, India, December 2008.
[52]T. Karygiannis, B. Eydt, G. Barber, L. Bunn, T. Phillips, Guidelines for Securing Radio Frequency Identification (RFID) Systems, NIST Special Publication 800-98, April 2007.
[53]R. Kumar, E. Kohler, M. Srivastava, Harbor:software-based memory protection for sensor nodes, in:Proceedings of IPSN 2007, Cambridge, MA, USA, April 2007.
[54]M. Feldhofer, S. Dominikus, J. Wolkerstorfer, Strong authentication for RFID systems using AES algorithm, in:Proceedings of Workshop on Cryptographic Hardware and Embedded Systems, Cambridge, MA, USA, August 2004.
[55]B. Calmels, S. Canard, M. Girault, H. Sibert, Low-cost cryptography for privacy in RFID systems, in:Proceedings of IFIP CARIDS 2006, Terragona, Spain, April 2006. [LCr 06] L. Cranor, et al., The Platform for Privacy Preferences 1.1 (P3P1.1) Specification, W3C Working Group Note, November 2006.
[56]J. Wickramasuriya, M. Datt, S. Mehrotra, N. Venkatasubramanian, Privacy protecting data collection in media spaces,in:Proceedings of ACM International Conference on Multimedia 2004, New York, NY, USA, October 2004.
[57]C.M. Medaglia, A. Serbanati, An overview of privacy and security issues in the internet of things, in:Proceedings of TIWDC 2009, Pula,Italy, September 2009.
[58]O. Savry, F. Vacherand, Security and privacy protection of contactless devices, in: Proceedings of TIWDC 2009, Pula, Italy, September 2009.
[59]O. Savry, F. Pebay-Peyroula, F. Dehmas, G. Robert, J. Reverdy, RFID noisy reader: how to prevent from eavesdropping on the communication? in:Proceedings of Workshop on Cryptographic Hardware and Embedded Systems 2007, Vienna, Austria, September 2007.
[60]A. Roscoe,"Modelling and verifying key-exchange protocols using CSP and FDR," Proc. Eighth IEEE Computer Security Foundations Workshop, County Kerry, Ireland, pp.98-107, June 1995.
[61]D. Dolev and A. Yao, "On the security of public key protocols," IEEE Trans. on Information Theory, Vol.29, No.2, pp.198--208, Mar.1983.
[62]M. Burrows, A. Abadi, and R. Needham, "A logic of authentication," ACM Trans. on Computer Systems, Vol.8, No.1, pp.18-36, Feb.1990.
[63]L. Gong, R. Needham, and R. Yahalom, "Reasoning about belief in cryptographic protocols," Proc.1990 IEEE Symposium on Security and Privacy, pp.234--248, IEEE Computer Society, Oakland, CA, USA, May 1990.
[64]P. Syverson and P. van Oorschot, "On unifying some cryptographic protocol logics," Proc.1994 IEEE Computer Society Symposium on Research in Security and Privacy, pp.14-28, IEEE Computer Society, Oakland, CA, USA, May 1994.
[65]Thayer FJ,Herzog JC,Guttman JD,stand spaces:Why is a security protocol correct?In:Proceedings of the 1998 IEEE Symposium on Security and Privacy.Los A lamitos:IEEEcomputer Society Press,1998.160-172.
[66]Thayer FJ,Herzog JC,Guttman JD,stand spaces:Proving security protocols correct.Journal of Computer Security,1999,7(2,3):191-230.