查看文章

With the introduction of emerging technologies such as cloud computing, the railway communication network has the characteristics of complex structure and blurred boundaries, which leads to a series of security threats including information leakage and malicious access. Specifically, the third-party cloud services are difficult to be supervised, and network traffic is untrustworthy. To ensure system security, we propose a zero-trust security model in this paper. Then, we introduce blockchain and Merkle tree to build a distributed identity storage scheme for guaranteeing reliable, confidential and efficient data updates, and improving authentication efficiency. Furthermore, the proxy was introduced for two-way authentication with cloud servers, so that internal and external threats could be counteracted. Moreover, reputation assessment mechanism has been adopted to reduce the possibility of nodes accessing malicious …