节点文献

智能家庭网络及其安全机制的研究

Intelligent Home Network and Its Security Research

【作者】 万爱霞

【导师】 黄征; 赵风景;

【作者基本信息】 上海交通大学 , 计算机科学技术, 2007, 硕士

【摘要】 随着计算机网络技术和信息技术的进步,智能家庭网络得到了前所未有的发展。家庭网络的实现目标是将家庭中各种与信息相关的通讯设备、家用电器和家庭保安装置通过家庭总线技术连接到一个家庭智能化系统上进行集中的或异地的监视、控制和家庭事务性管理,同时保持这些家庭设施与住宅环境的和谐与协调。智能家庭系统的一个重要设计部分是家庭网关的设计,传统的家庭网关一般采用PC机,但从实用和经济的角度来衡量,采用嵌入式家庭网关会是一种更为理想的选择。然而,目前家庭网络标准尚未统一,许多技术问题也有待于进一步解决,因此该目标的实现还需要长期不断的努力。嵌入式家庭网关的主要功能是实现嵌入式Internet。嵌入式网关一方面要使其能完成内部家庭网络协议和TCP/IP协议的无缝连接;另一方面,在智能家居通过Internet远程访问控制家电设备,在带来诸多方便的同时,内部家庭网络也暴露在公共面前。家庭网络的安全性也是我们要考虑的问题。在这样的背景下,本文提出了四个观点。第一:智能家庭网络的一种架构方案以及其软硬件的实现方法,该网络能够采用目前存在的多种通讯媒体,实现一定的智能化功能和远程监控功能;第二:以16/32位ARM系列处理器和RTOS环境为出发点,根据现有的内部家庭网络协议多种共存没有形成统一的标准的特点,设计一种新的嵌入式家庭网关的实现方案,提出一种通用设计思想,适用于各种不同的内部家庭网络协议与Internet的无缝连接;第三:系统地分析了智能家庭网络及嵌入式家庭网关面临的安全威胁及安全需求,在充分考虑其有限的资源的情况下,给出了基于Internet环境的智能家庭网络安全解决方案,为家庭自动化设备的远程监控系统提供了具有保密性、可认证性、可授权性和数据完整性的安全机制;第四:在安全性考虑方面,又针对通过嵌入式家庭网关接入Internet的智能家居系统提出新的安全解决方案,以HTTP摘要认证与定制的嵌入式SSL实现不同安全等级设备的安全机制,并以组策略方式对各种家电设备针对不同的用户分配不同的访问权限。在保证系统安全的同时,大大节约了系统资源,达到优化系统的目的。

【Abstract】 As the computer network and information technology is progressed, intelligent home is getting a more attention. The objective of home network is to use home bus technology to integrate all kinds of home devices, such as communication devices, home appliances and home security devices, into an intelligent home system. Based on the home system, home information and appliances can be centrally or remotely monitored, controlled and managed. Furthermore, this home system must be compatible with the home environment. However, it would take long time to realize this objective because at present the criterion of home network has not been unified and many technology problems still exist.The main function of embedded home gateway is to realize embedded internet. As an embedded home gateway, in one hand, it must realize the function of transform between the TCP/IP and home network protocol; in the other hand, when the home devices were remote visited using Internet, it bring forward a lot of convenience, but at the same time, the home device is exposed to the others, it in face of much security threaten. So the security of home network must be considered at first.Under the background mentioned before, this paper gives four viewpoints. The first is: presents a model of intelligent home work and the realization method of the software and hardware, this model can apply many communication mediums to realize the intelligent function and remote control function. The second is: based on the 16/32-bit ARM Microprocessor and the environment of RTOS, according to the different standard of home network protocol, bring forward an new design method of embedded home gateway, and bring forward a general design method, it can make different home network protocol connection to Internet without leak. The third is: do some systemic analyses of security threaten and security needs, presents the solution of security on taking its limited resource into account based on Internet environment, provides confidentiality, authentication, authorization, and integrity for remote monitoring and control of home automation devices. The forth is: in security, we bring forward new method to improve the security of intelligent home system which was connected to Internet by embedded home gateway, the security method is with the HTTP digest certification, abbreviated SSL security protocol for different Home devices which were arranged as different security grade, and distribute different visit right for different device by using group-based access strategy. This method ensures system security, greatly saves system resources to achieve the objective optimization system.

  • 【分类号】TP393.08
  • 【被引频次】8
  • 【下载频次】554
节点文献中: