隨著第六代無線通訊系統(6G)的發展,預期其在速度、容量及低延遲性能上將顯著超越5G。然而,6G網絡的擴展和多元異質性帶來了新的挑戰,尤其是網絡切片交換中反覆驗證所導致的時間和成本消耗,以及過度依賴第三方認證機構可能引發的資安風險。為此,我們設計了一個適用於6G的分散式網路切片交換管理機制,利用Fast Identity Online技術進行快速身份認證,同時結合區塊鏈技術以確保用戶身份資料的完整性和不可篡改性,從而增強了資料的安全性。在網路切片的管理中,我們引入代理重加密技術,使在交換網路切片的過程中,不直接透露驗證資料的情況下,第三方機構無法直接解密資料,以減少對第三方機構的,保護用戶身份認證資料的保密性。此外,為了有效應對惡意用戶可能進行的惡意操作,本文採用了變色龍哈希函數實施身份撤銷機制。我們還提供了一個全面的認證、授權及計費(AAA)功能,以確保個人資料和交易記錄的安全管理和加密保護,從而實現更高效和安全的6G網絡環境。我們還進行了安全性分析和模擬驗證,以評估所提出方案的性能。與現有的方案相比,我們的方案顯示較低的計算和通訊開銷。;As the development of the sixth-generation wireless communication system (6G) progresses, it is anticipated to significantly surpass 5G in terms of speed, capacity, and low latency performance. However, the expansion and diversity of 6G networks bring new challenges, particularly the time and cost consumption caused by repeated verification in network slicing exchanges and the cybersecurity risks associated with excessive reliance on third-party certification authorities. To address these issues, we have designed a decentralized network slicing exchange management mechanism suitable for 6G. This mechanism utilizes Fast Identity Online (FIDO) technology for rapid identity authentication, combined with blockchain technology to ensure the integrity and immutability of user identity data, thereby enhancing data security. In network slicing management, we introduce proxy re-encryption technology. This technology ensures that verification data is not directly revealed during the process of exchanging network slices, preventing third-party institutions from decrypting the data directly. This approach reduces reliance on third-party institutions while safeguarding the confidentiality of user identity authentication data. Additionally, to effectively counter potential malicious operations by malicious users, we adopt chameleon hash functions to implement an identity revocation mechanism. We also provide a comprehensive Authentication, Authorization, and Accounting (AAA) function to ensure secure management and encryption protection of personal data and transaction records, thereby achieving a more efficient and secure 6G network environment. We also conducted security analysis and simulation verification to evaluate the performance of the proposed scheme. Our scheme demonstrates lower computational and communication overhead compared to existing schemes.
