一种面向遥感影像内容认证的多级权限管理方法
作者简介:丁凯孟(1985-),男,山西长治人,博士生,研究方向为地理数据安全。E-mail:dingkaimeng@foxmail.com
收稿日期: 2014-06-30
要求修回日期: 2014-11-23
网络出版日期: 2015-01-05
基金资助
国家社科基金重大项目(11&ZD162)
国家自然科学基金项目(41301413)
江苏省自然科学基金资助项目(BK20130903)
江苏省普通高校研究生科研创新计划资助项目(CXLX13_378)
A Multi-level Authentication Authorization Approach for Remote Sensing Image
Received date: 2014-06-30
Request revised date: 2014-11-23
Online published: 2015-01-05
Copyright
完整性认证是遥感影像获得有效利用的前提,完整性无法确定的遥感影像,其使用价值将大打折扣。传统认证技术没有顾及遥感影像认证过程中的特殊性,并不是所有用户都有权甄别遥感影像是否经过扰动。而且,传统认证技术对数据进行二进制级别的认证,已不能满足遥感影像的内容认证需求。本文从内容认证的角度研究遥感影像的多级权限管理,提出一种基于感知哈希技术与单向函数的遥感影像多级认证权限的管理方法。感知哈希技术能用很少的信息表征遥感影像的有效内容,并对不改变影像内容的操作保持鲁棒性,与密码学Hash函数有着显著的区别。多级权限的管理则通过建立与权限矢量对应的密钥矢量来实现,权限较高的用户可以通过自己的密钥计算出低权限用户的密钥,反之则不行。本方法首先以单向函数生成不同等级的权限密钥,然后,根据不同区域的地物影像进行敏感等级的划分,最后,计算不同区域影像的感知哈希序列,并通过不同级别的密钥加密生成的感知哈希序列。用户认证影像内容完整性时,根据权限的不同认证不同敏感度的影像。实验与分析表明,该算法能有效实现遥感影像的认证权限管理,并具有较高的实现效率和安全性。
丁凯孟 , 朱长青 . 一种面向遥感影像内容认证的多级权限管理方法[J]. 地球信息科学学报, 2015 , 17(1) : 8 -14 . DOI: 10.3724/SP.J.1047.2015.00008
Integrity authentication is proved to be the prerequisite of remote sensing image applications. In other words, an image with poor integrity would have little value in further utilizations. The special nature of the authentication process is not taken into account in conventional authentication technologies, which makes it difficult for all users to be authorized to discriminate whether the images have been destabilized. Moreover, traditional authentication technologies are based on the binary data, which can not meet the requirements of content authentication for remote sensing image. According to the actual requirements of remote sensing image authentication, a multi-level authorization method for remote sensing image based on perceptual hashing and one-way function is proposed from the perspective of content authentication. Perceptual hash technology is different from the cryptographic hash function, that it can express the content of remote sensing image with little information, at the same time, it can keep the robustness for operations that do not change the content of image. Multi-level authorization management is realized by establishing a key vector corresponding to the permission vector. So the higher privileged users can calculate the keys of users with lower priorities, based on their own keys. First, the key vector was produced for multi-level authorization management based on one-way function. Second, the image is partitioned into regions with different sensitivity levels according to the contained objects. Then, the perceptual hash values of the regions are generated and used for authentication, and are encrypted with hierarchical keys. Users with different priorities can authenticate the corresponding contents with relevant sensitivity levels from the remote sensing image, after decrypting the perceptual hash values. The experiment results show that the proposed approach effectively achieved the multi-level authentication for remote sensing images with high computing efficiency and confidentiality.
Fig. 1 The authority management model for image authentication图1 影像认证权限管理模型 |
Fig. 2 The general process of perceptual hashing图2 感知哈希的一般生成流程 |
Fig. 3 The experiment image图3 实验遥感影像 |
Fig. 4 Grid division and sensitive region classification图4 影像格网划分及敏感区域划分 |
Fig. 5 Tamper examples of the sensitive regions图5 影像敏感区域篡改示例 |
Fig. 6 Authentication results for different users with different authorities图6 不同认证权限用户的认证结果 |
Fig. 7 Robustness test图7 鲁棒性测试 |
The authors have declared that no competing interests exist.
[1] |
|
[2] |
|
[3] |
|
[4] |
|
[5] |
|
[6] |
|
[7] |
|
[8] |
|
[9] |
|
[10] |
|
[11] |
|
[12] |
|
[13] |
|
[14] |
|
[15] |
|
[16] |
|
[17] |
|
[18] |
|
[19] |
|
[20] |
|
[21] |
|
[22] |
|
/
〈 | 〉 |