基于区块链的5G物联网数据共享方案

doi:10.11959/j.issn.2096-109x.2020041

摘要/Abstract

摘要：

海量的物联网数据拥有巨大价值，而现有基于云的数据共享机制，面临单点故障、内部泄露等问题，无法确保用户数据的安全共享。为实现高效可信的数据共享，利用区块链技术，提出了基于区块链的5G 物联网数据共享方案。该方案首先设计了数据共享框架和数据共享流程；然后基于闪电网络方案，提出了面向物联网数据共享的链下交易机制。实验分析表明，基于区块链的5G物联网数据共享方案具有较强的抗攻击能力；基于闪电网络的交易机制，能够大幅提高交易吞吐量、降低交易时延。

关键词: 区块链, 5G, 物联网, 数据共享, 链下交易

Abstract:

The massive amount of IoT data has great value,but the existing cloud-based data sharing mechanism faces problems such as single points of failure and internal leakage,which can not ensure the secure sharing of user data.In order to achieve efficient and reliable data sharing,the blockchain technology was used to propose a 5G IoT data sharing scheme based on blockchain.Firstly,the proposed scheme designed data sharing framework and data sharing process,based on the lightning network solution,an off-chain transaction mechanism for data sharing of the internet of things was proposed.Experimental analysis shows that the 5G IoT data sharing framework based on blockchain has strong anti-attack ability and the off-chain transaction mechanism based on lightning network can greatly increase transaction throughput and reduce transaction delay.

Key words: blockchain, 5G, internet of things, data sharing, off-chain transaction

中图分类号:

TP399

乔康,游伟,王领伟,汤红波. 基于区块链的5G物联网数据共享方案[J]. 网络与信息安全学报, 2020, 6(4): 45-55.

Kang QIAO,Wei YOU,Lingwei WANG,Hongbo TANG. Data sharing scheme for 5G IoT based on blockchain[J]. Chinese Journal of Network and Information Security, 2020, 6(4): 45-55.

图/表 13

图1

图2

表1

图3

表2

图4

图5

图6

图7

表3

7种区块链/物联网常见攻击类别及防御方式分析　Table 3 Seven common attack categories and anti-attack ways of blockchain or IoT"

攻击类别	攻击描述	防御方式
追踪攻击	攻击者通过分析区块链公开账本，得出各个交易输入地址和输出地址的连接关系，进而追踪特定地址的交易	本文使用闪电网络，大部分交易发生在主区块链外，通过闪电网络通道进行的所有微支付无法被追踪
链接攻击	攻击者通过分析区块链公开账本，配合IP地址、ID信息等可以链接到真实用户和交易的关联性	节点经注册中心许可后成为合法节点，注册中心由国家监管机构担任，攻击者无法得知实际地理位置、IP地址和ID信息
区块篡改攻击	攻击者首先争得记账权并篡改区块数据，然后将篡改后的区块广播到全网	一方面，通过注册中心监管节点，增大攻击者进入门槛的难度；另一方面，利用共识算法和激励机制，增大攻击者获得记账权的难度
存储篡改攻击	攻击者篡改或删除云数据库中存储的5G物联网数据	云数据库中存储的是加密后的数据，加密数据是由数据提供节点使用对称密钥对明文数据进行加密得到的，攻击者没有密钥则无法篡改数据
越权访问攻击	现有方案大多缺乏权限准入和数据访问机制，难以防止恶意节点的加入	本文采用联盟链技术设置准入权限和数据访问权限增强节点可控性。节点需经注册中心许可才能参与
拒绝服务（DoS）攻击	攻击者作为单个节点向区块链服务器申请大量的数据共享请求，耗尽区块链服务器的网络资源，导致合法用户请求无法通过	物联网节点申请数据共享需要支付一定数额的共享币，攻击者发动拒绝服务攻击将付出巨大经济代价，往往得不偿失，这是一种通过经济博弈来预防攻击的手段
分布式拒绝服务（DDoS）攻击	攻击者通过感染大量物联网节点，向区块链服务器申请大量的数据共享请求	物联网节点间的数据共享采用点对点通信，使用非对称加密机制，攻击者极难获取节点私钥

表3

表4

图8

图9

参考文献 25

[1]	HOLMA H , TOSKALA A , NAKAMURA T . 5G technology:3GPP new radio[R]. 2020.
[2]	AGIWAL M , SAXENA N , ROY A . Towards connected living:5G enabled internet of things (IoT)[J]. IETE Technical Review, 2019,36(2): 190-202.
[3]	MOHAMED K S , . IoT cloud computing,storage,and data analytics[M]// The Era of Internet of Things. 2019: 71-91.
[4]	WU Y , LYU Y , SHI Y . Cloud storage security assessment through equilibrium analysis[J]. Tsinghua Science and Technology, 2019,24(6): 738-749.
[5]	VALDEOLMILLOS D , MEZQUITA Y , GONZáLEZ-BRIONES A ,et al. Blockchain technology:a review of the current challenges of cryptocurrency[C]// International Congress on Blockchain and Applications. 2019: 153-160.
[6]	ESPOSITO C , DE SANTIS A , TORTORA G ,et al. Blockchain:a panacea for healthcare cloud-based data security and privacy[J]. IEEE Cloud Computing, 2018,5(1): 31-37.
[7]	XIA Q I , SIFAH E B , ASAMOAH K O ,et al. MeDShare:trust-less medical data sharing among cloud service providers via blockchain[J]. IEEE Access, 2017,5: 14757-14767.
[8]	LIANG X , SHETTY S , TOSH D ,et al. Provchain:a blockchain-based data provenance architecture in cloud environment with enhanced privacy and availability[C]// Proceedings of the 17th IEEE/ACM International Symposium on Cluster,Cloud and Grid Computing. 2017: 468-477.
[9]	REHMAN M , JAVAID N , AWAIS M ,et al. Cloud based secure service providing for IoTs using blockchain[C]// IEEE Global Communications Conference (GLOBCOM 2019). 2019.
[10]	SHAFAGH H , BURKHALTER L , HITHNAWI A ,et al. Towards blockchain-based auditable storage and sharing of IoT data[C]// Proceedings of the 2017 on Cloud Computing Security Workshop. 2017: 45-50.
[11]	WANG Y , ZHANG A , ZHANG P ,et al. Cloud-assisted EHR sharing with security and privacy preservation via consortium blockchain[J]. IEEE Access, 2019,7: 136704-136719.
[12]	NOFER M , GOMBER P , HINZ O ,et al. Blockchain[J]. Business ＆Information Systems Engineering, 2017,59(3): 183-187.
[13]	CROSBY M , PATTANAYAK P , VERMA S ,et al. Blockchain technology:beyond bitcoin[J]. Applied Innovation, 2016,2(6-10):71.
[14]	HAZARI S S , MAHMOUD Q H . A parallel proof of work to improve transaction speed and scalability in blockchain systems[C]// 2019 IEEE 9th Annual Computing and Communication Workshop and Conference (CCWC). 2019: 0916-0921.
[15]	SINGH A , CLICK K , PARIZI R M ,et al. Sidechain technologies in blockchain networks:an examination and state-of-the-art review[J]. Journal of Network and Computer Applications, 2019:102471.
[16]	ZAMANI M , MOVAHEDI M , RAYKOVA M . RapidChain:a fast blockchain protocol via full sharding[J]. IACR Cryptology ePrint Archive, 2018(10): 931-948.
[17]	KOTILEVETS I D , IVANOVA I A , ROMANOV I O ,et al. Implementation of directed acyclic graph in blockchain network to improve security and speed of transactions[J]. IFAC-PapersOnLine, 2018,51(30): 693-696.
[18]	POON J , DRYJA T . The bitcoin lightning network:scalable off-chain instant payments[R]. 2016.
[19]	BARTOLUCCI S , CACCIOLI F , VIVO P . A percolation model for the emergence of the bitcoin lightning network[J]. arXiv preprint arXiv:1912.03556, 2019
[20]	WANG Y , ZENG H , YANG B ,et al. Detection of entity-description conflict on duplicated data based on Merkle-tree for IIoT[C]// International Conference on Web Information Systems and Applications. 2019: 163-168.
[21]	BENJI M , SINDHU M . A study on the Corda and Ripple blockchain platforms[C]// Advances in Intelligent Systems and Computing, 2019: 179-187.
[22]	DELGADOSEGURA S , PEREZSOLA C , NAVARROARRIBAS G ,et al. Analysis of the bitcoin UTXO set[C]// Financial Cryptography. 2018: 78-91.
[23]	葛琳, 季新生, 江涛 ,等. 基于区块链技术的物联网信息共享安全机制[J]. 计算机应用,39(2): 154-159.
	GE L , JI X S , JIANG T ,et al. Security mechanism for internet of things information sharing based on blockchain technology[J]. Computer Applications,39(2): 154-159.
[24]	陈强, 刘彩霞, 李凌书 . 基于粒子群优化算法的 5G 网络切片功能迁移机制[J]. 网络与信息安全学报, 2018,4(8): 47-55.
	CHEN Q , LIU C X , LI L S . 5G network slicing function migration mechanism based on particle swarm optimization algorithm[J]. Chinese Journal of Network and Information Security, 2018,4(8): 47-55.
[25]	中国信息通信研究院. 区块链安全白皮书—技术应用篇[R]. 2018.
	China Institute of Information and Communications. Blockchain security white paper-technology application[R]. 2018.

区块链分类	参与者	记账人	激励机制	共识机制	典型场景	承载能力
公有链	任何人自由进出	所有参与者	需要	PoW/PoS/DPoS	“数字货币”	3~20笔/秒
私有链	个体或公司内部	自定义	不需要	分布式一致性算法（PBFT/Paxo）	审计、发行	1 000~100 000笔/秒
联盟链	联盟成员	联盟成员协商确定	可选	分布式一致性算法（PBFT/Paxo）	支付、结算	1 000~10 000笔/秒

层次	组成
应用层	基于区块链的5G物联网数据共享的应用场景
智能合约层	利用智能合约部署自动化执行的规则条款
激励层	发行、分配机制
共识层	基于可信列表的改进拜占庭容错算法
网络层	P2P网络、区块传播机制、区块验证机制、云服务网络
数据层	区块数据、链式结构、数字签名、Merkle树、非对称加密等
物理层	物联网设备（数据提供节点、数据需求节点）、云服务基础设施等

参数	取值
T_block	10 min
SizeBlock	1 MB
SizeTx	250 bit
r	1%、2%、5%、10%