| The rapid development of information network technology has greatly accelerated the adoption of the Internet of Things (IoT). As business models such as the Internet of Vehicles, the industrial Internet and the smart home enter practical use at scale, the number of IoT devices is growing explosively, and the IoT is penetrating ever faster into all areas of production and daily life. At the same time, IoT security problems have become increasingly prominent. Constrained by limited computing power, memory, bandwidth and other resources, IoT devices easily become targets of attack, resulting in leakage of private data, loss of control over system services and other problems. Identity authentication is the first line of defense of the IoT: an effective identity management and authorization authentication mechanism ensures that an accessing node has a legitimate identity and the correct access rights, and thereby ensures the security of the entire IoT system. In a centralized identity scheme, identity data is controlled by a central node, which is a single point of failure; moreover, because identity data is not interoperable and identity standards differ between platforms, cross-domain authentication is difficult and private data is over-exposed. There is therefore an urgent need to introduce a decentralized identity scheme into IoT systems to solve these problems. This thesis focuses on identity management and authorization authentication for the IoT under decentralized identity. The main contributions of this thesis are as follows: (1) To solve the problems of the centralized identity scheme, namely the single point of failure, non-interoperable identity data and a single identity subject, an IoT digital identity based on decentralized identifiers is proposed. By deploying a decentralized identity infrastructure, the IoT business system is decoupled from the identity system, so that IoT entities have a global identity that is valid across domains, and the identity formats of the different entities in the IoT system are unified. Identity creation, update and revocation processes are designed for the IoT environment. A feasibility analysis and a performance analysis of the proposed scheme are then carried out; the results show that the scheme effectively solves the problems of single point of failure, privacy disclosure and identity domain isolation, and has advantages over centralized identity representation technology in terms of performance overhead. (2) This thesis proposes an IoT identity management framework based on decentralized identity. Building on the identity system based on decentralized identifiers, blockchain is introduced as the underlying record structure for the identity data and authorization data of IoT entities. Selective disclosure, ownership transfer, and trusted authorization and authentication schemes are provided. Finally, taking the sales and replenishment scenario of intelligent connected vehicles as an example, the authorization and authentication workflow of IoT entities under the peer-to-peer trust model is described. (3) This thesis designs a prototype IoT identity authentication system for the decentralized environment, built around the scenario of issuing and verifying verifiable credentials. The roles of issuer, holder and verifier are set up, identity and credential metadata are recorded through the blockchain network, and functional and performance tests are carried out. The results show that the prototype system achieves the basic functions of IoT authorization and authentication, and that the performance overhead is acceptable. |