面向智慧旅游物联网设备的身份认证方法的研究

杨崇宇; 何乐生; 胡崇辉; 冯毅; 岳远康

doi:10.11959/j.issn.2096-3750.2025.00433

您当前的位置：

首页 >

文章列表页 >

面向智慧旅游物联网设备的身份认证方法的研究

理论与技术 | 更新时间：2026-01-26

- 面向智慧旅游物联网设备的身份认证方法的研究
- Research on identity authentication methods for IoT devices in smart tourism
- 物联网学报 2025年9卷第3期页码：180-189
- 作者机构：
  
  1.云南大学信息学院，云南昆明 650091
  2.云南省智慧旅游工程研究中心，云南昆明 650091
- 作者简介：
  
  [ "杨崇宇（1999‒ ），男，云南大学信息学院硕士生，主要研究方向为物联网安全、嵌入式系统开发。" ]
  [ "何乐生（1977‒ ），男，博士，云南大学信息学院副教授，主要研究方向为嵌入式系统及物联网应用、微弱信号采集和处理及其在生物电信号和射电天文信号处理等方面的应用。" ]
  [ "胡崇辉（1997‒ ），男，云南大学信息学院硕士生，主要研究方向为嵌入式系统开发、物联网应用。" ]
  [ "冯毅（1999‒ ），男，云南大学信息学院硕士生，主要研究方向为侧信道攻击、轻量级密码安全性分析。" ]
  [ "岳远康（1997‒ ），男，云南大学信息学院硕士生，主要研究方向为侧信道攻击、轻量级密码安全性分析。" ]
- 基金信息：
- DOI：10.11959/j.issn.2096-3750.2025.00433
  中图分类号： TN915.08
- 收稿：2024-09-08，
  
  修回：2024-10-29，
  
  纸质出版：2025-09-10
- 稿件说明：
移动端阅览
杨崇宇,何乐生,胡崇辉等.面向智慧旅游物联网设备的身份认证方法的研究[J].物联网学报,2025,09(03):180-189.

YANG Chongyu,HE Lesheng,HU Chonghui,et al.Research on identity authentication methods for IoT devices in smart tourism[J].Chinese Journal on Internet of Things,2025,09(03):180-189.
杨崇宇,何乐生,胡崇辉等.面向智慧旅游物联网设备的身份认证方法的研究[J].物联网学报,2025,09(03):180-189. DOI： 10.11959/j.issn.2096-3750.2025.00433.

YANG Chongyu,HE Lesheng,HU Chonghui,et al.Research on identity authentication methods for IoT devices in smart tourism[J].Chinese Journal on Internet of Things,2025,09(03):180-189. DOI： 10.11959/j.issn.2096-3750.2025.00433.

摘要

物联网化是智慧旅游业发展的重要趋势，其网络安全问题涉及政府管理端、公有云平台、设备生产商、景区方和游客等多个相关方，且物联网设备均部署在公共场所中，易受物理攻击，身份认证成为物联网安全的基础和关键。提出了基于行政申请的无证书身份认证方法，通过消息队列遥测传输（MQTT

message queuing telemetry transport）协议的消息队列机制维护设备安全状态，解决低功耗设备休眠带来的状态问题。该方法基于国家商用密码算法，保证了物联网信息安全的自主可控。性能评估显示，该方法能够有效帮助管理部门防范来自上述各方的安全威胁，身份认证平均准确率达到99.7%，且设备嵌入式随机存取存储器（RAM）、闪存（FLASH）消耗各不超过35 KB、30 KB，满足智慧旅游场景应用需求。

Abstract

The internet of things (IoT) is a key trend in smart tourism

involving multiple stakeholders like government management

public cloud platforms

device manufacturers

scenic areas

and tourists. IoT devices

often deployed in public spaces

are vulnerable to physical attacks

making identity authentication critical for security. A certificate-free identity authentication method based on administrative applications was proposed

using MQTT protocol message queues to maintain device security status

addressing issues with low-power devices in sleep mode. Based on national cryptographic algorithms

secure and controllable IoT information was ensured. Performance evaluations show that it effectively helps prevent security threats

achieving an average authentication accuracy of 99.7%

with embedded RAM and FLASH usage not exceeding 35 KB and 30 KB

suitable for smart tourism applications.

关键词

Keywords

references

WANG W , KUMAR N , CHEN J X , et al . Realizing the potential of the Internet of things for smart tourism with 5G and AI [J ] . IEEE Network , 2020 , 34 ( 6 ): 295 - 301 .

GUO X D , WANG Y X , MAO J Q , et al . Towards an IoT enabled tourism and visualization review on the relevant literature in recent 10 years [J ] . Mobile Networks and Applications , 2022 , 27 ( 3 ): 886 - 899 .

“十四五”文化和旅游发展规划 [N ] . 中国文化报 , 2021-06-03 (2).

14th Five-Year Plan cultural and tourism development plan [N ] . China Culture News , 2021-06-03 (2).

宋瑞 . 中国旅游发展笔谈: “十四五” 时期我国旅游业发展展望 [J ] . 旅游学刊 , 2020 , 35 ( 6 ): 1 .

SONG R . Discussion forum of China tourism development: prospects of China’s tourism development during the 14th-Five-Year Plan period [J ] . Tourism Tribune , 2020 , 35 ( 6 ): 1 .

BUTUN I , ÖSTERBERG P , SONG H B . Security of the Internet of things: vulnerabilities, attacks, and countermeasures [J ] . IEEE Communications Surveys & Tutorials , 2020 , 22 ( 1 ): 616 - 644 .

SERROR M , HACK S , HENZE M , et al . Challenges and opportunities in securing the industrial Internet of things [J ] . IEEE Transactions on Industrial Informatics , 2021 , 17 ( 5 ): 2985 - 2996 .

AIREHROUR D , GUTIERREZ J , RAY S K . Secure routing for Internet of things: a survey [J ] . Journal of Network and Computer Applications , 2016 , 66 : 198 - 213 .

AL-FUQAHA A , GUIZANI M , MOHAMMADI M , et al . Internet of things: a survey on enabling technologies, protocols, and applications [J ] . IEEE Communications Surveys & Tutorials , 2015 , 17 ( 4 ): 2347 - 2376 .

FROIZ-MÍGUEZ I , FERNÁNDEZ-CARAMÉS T M , FRAGA-LAMAS P , et al . Design, implementation and practical evaluation of an IoT home automation system for fog computing applications based on MQTT and ZigBee-WiFi sensor nodes [J ] . Sensors , 2018 , 18 ( 8 ): 2660 .

ALAIZ-MORETON H , AVELEIRA-MATA J , ONDICOL-GARCIA J , et al . Multiclass classification procedure for detecting attacks on MQTT-IoT protocol [J ] . Complexity , 2019 , 2019 ( 1 ): 6516253 .

JALOUDI S . Communication protocols of an industrial Internet of things environment: a comparative study [J ] . Future Internet , 2019 , 11 ( 3 ): 66 .

MISHRA B , KERTESZ A . The use of MQTT in M2M and IoT systems: a survey [J ] . IEEE Access , 2020 , 8 : 201071 - 201086 .

VACCARI I , CHIOLA G , AIELLO M , et al . MQTTset, a new dataset for machine learning techniques on MQTT [J ] . Sensors , 2020 , 20 ( 22 ): 6578 .

MISHRA B , MISHRA B , KERTESZ A . Stress-testing MQTT brokers: a comparative analysis of performance measurements [J ] . Energies , 2021 , 14 ( 18 ): 5817 .

余文科 , 程媛 , 李芳 , 等 . 物联网技术发展分析与建议 [J ] . 物联网学报 , 2020 , 4 ( 4 ): 105 - 109 .

YU W K , CHENG Y , LI F , et al . Analysis and suggestions on the development of IoT technology [J ] . Chinese Journal on Internet of Things , 2020 , 4 ( 4 ): 105 - 109 .

ALI AL-GARADI M , MOHAMED A , AL-ALI A K , et al . A survey of machine and deep learning methods for Internet of things (IoT) security [J ] . IEEE Communications Surveys & Tutorials , 2020 , 22 ( 3 ): 1646 - 1685 .

陈锐 , 李春强 . 认证加密算法SM4-GCM的低成本硬件架构设计与实现 [J ] . 物联网学报 , 2023 , 7 ( 4 ): 168 - 179 .

CHEN R , LI C Q . Design and implementation of low-cost hardware architecture for authentication encryption algorithm SM4-GCM [J ] . Chinese Journal on Internet of Things , 2023 , 7 ( 4 ): 168 - 179 .

ROMAN R , NAJERA P , LOPEZ J . Securing the Internet of Things [J ] . Computer , 2011 , 44 ( 9 ): 51 - 58 .

王曼竹 , 李梓琦 , 陈翌飞 , 等 . 车联网中安全认证技术的分析与研究 [J ] . 物联网学报 , 2021 , 5 ( 3 ): 106 - 114 .

WANG M Z , LI Z Q , CHEN Y F , et al . Research and implementation of safety authentication technology in Internet of vehicles [J ] . Chinese Journal on Internet of Things , 2021 , 5 ( 3 ): 106 - 114 .

廖伟 , 何乐生 , 尹恒 , 等 . 一种基于Chebyshev混沌映射和CRT的ZigBee网络匿名认证方案 [J ] . 物联网学报 , 2023 , 7 ( 4 ): 101 - 109 .

LIAO W , HE L S , YIN H , et al . A ZigBee network anonymous authentication scheme based on Chebyshev chaotic mapping and CRT [J ] . Chinese Journal on Internet of Things , 2023 , 7 ( 4 ): 101 - 109 .

SHAPSOUGH S , ALOUL F , ZUALKERNAN I A . Securing low-resource edge devices for IoT systems [C ] // Proceedings of the 2018 International Symposium in Sensing and Instrumentation in IoT Era (ISSI) . Piscataway : IEEE Press , 2018 : 1 - 4 .

BISNE L , PARMAR M . Composite secure MQTT for Internet of things using ABE and dynamic S-box AES [C ] // Proceedings of the 2017 Innovations in Power and Advanced Computing Technologies (i-PACT) . Piscataway : IEEE Press , 2017 : 1 - 5 .

CALABRETTA M , PECORI R , VELTRI L . A token-based protocol for securing MQTT communications [C ] // Proceedings of the 2018 26th International Conference on Software, Telecommunications and Computer Networks (SoftCOM) . Piscataway : IEEE Press , 2018 : 1 - 6 .

IMGHOURE A , EL-YAHYAOUI A , OMARY F . ECDSA-based certificateless conditional privacy-preserving authentication scheme in Vehicular Ad Hoc network [J ] . Vehicular Communications , 2022 , 37 : 100504 .

SANJUAN E B , ABAD CARDIEL I , CERRADA J A , et al . Message queuing telemetry transport (MQTT) security: a cryptographic smart card approach [J ] . IEEE Access , 2020 , 8 : 115051 - 115062 .

LESJAK C , HEIN D , HOFMANN M , et al . Securing smart maintenance services: hardware-security and TLS for MQTT [C ] // Proceedings of the 2015 IEEE 13th International Conference on Industrial Informatics (INDIN) . Piscataway : IEEE Press , 2015 : 1243 - 1250 .

谷正川 , 郭渊博 , 方晨 . 基于代理重加密的消息队列遥测传输协议端到端安全解决方案 [J ] . 计算机应用 , 2021 , 41 ( 5 ): 1378 - 1385 .

GU Z C , GUO Y B , FANG C . End-to-end security solution for message queue telemetry transport protocol based on proxy re-encryption [J ] . Journal of Computer Applications , 2021 , 41 ( 5 ): 1378 - 1385 .

WANG Q , WANG C , REN K , et al . Enabling public auditability and data dynamics for storage security in cloud computing [J ] . IEEE Transactions on Parallel and Distributed Systems , 2011 , 22 ( 5 ): 847 - 859 .

ZHENG Y , LIU W Y , GU C Y , et al . PUF-based mutual authentication and key exchange protocol for peer-to-peer IoT applications [J ] . IEEE Transactions on Dependable and Secure Computing , 2023 , 20 ( 4 ): 3299 - 3316 .

HUNG Y C ， PIN P C . Design and implementation of efficient IoT authentication schemes for MQTT 5.0 [J ] . Journal of Internet Technology , 2023 : 665- 674 ..

PARK C S , NAM H M . Security architecture and protocols for secure MQTT-SN [J ] . IEEE Access , 2020 , 8 : 226422 - 226436 .

MUNSHI A . Improved MQTT secure transmission flags in smart homes [J ] . Sensors , 2022 , 22 ( 6 ): 2174 .

浏览量

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

频偏下基于张量分解的联合设备活跃性检测和信道估计

物联网中模型剪枝技术：现状、方法和展望

基于联邦强化学习的面向边缘网络的入侵检测方法研究

认证加密算法SM4-GCM的低成本硬件架构设计与实现

超大规模MIMO-OTFS系统上行辅助的下行信道估计方法