An Authentication Method for Ubiquitous Electric Internet of Things Communication Terminal Based on Coordinated Filtering

The current terminal authentication is mainly based on the identification of user markers, which can not be accurately judged according to the user behavior. It is not only complex to calculate the hardware requirements, but also inefficient when processing a large number of requests. In order to optimize the above defects, an identity authentication method for ubiquitous power Internet of Things communication terminals based on coordination filtering is proposed. After establishing the user identity characteristic information matrix of the communication terminal, the identity authentication protocol is designed by using the public key. Trust degree is introduced to improve coordination filtering, and the improved algorithm is used to process user identity information, so as to realize identity authentication. The design of comparative experiment verifies that the average certification time of the research method is less than 6ms, which can effectively carry out safety protection and is feasible.


Introduction
Ubiquitous power IOT is a special IOT after introducing IOT technology into the current operating power grid to realize extensive connection and sharing of various infrastructure equipment, management and maintenance personnel, power environment, and power grid operation information in the power grid. Ubiquitous power IOT is the technical integration of communication technology and artificial intelligence technology in the power industry. Ubiquitous power IOT is built to realize comprehensive energy efficiency services in distributed grid power generation, grid electrical equipment access, industrial integration of multiple new energy utilization and financial integration of related industries, and grid operation data processing [1]. At present, the basic technology and external environment in the development of the ubiquitous electric Internet of Things have basically developed and matured. The implementation of ubiquitous electric Internet of Things brings about not only the speed and convenience, but also the problem of information security protection. In the construction of the data access system of the ubiquitous power Internet of Things, it is necessary to overcome the defects of the traditional terminal security access technology, that is, the identity of the end user should be authenticated before the communication terminal is connected to the ubiquitous power Internet of Things. If the measurements meet in electric power network access security policy, allows access to the terminal in the power of things, or be disconnected terminal or to connect to the specified isolation area, thus to boycott before most of the potential attacks in occur, will flood in the power of the Internet of things trust chain extension from the terminal to the network, to ensure the security and credibility of the connection of each node in the ubiquitous electric Internet of Things, and to realize   Each row vector consisting of elements in the above matrix represents a user's authentication feature information, and each authentication information feature is described by multiple attributes. x denotes the j th attribute value of the user's i th identity feature information [9]. In this paper, the four identity feature attributes of department, level, name, and management authorization level, which are the most important for communication terminal user identification, are selected for initial identity classification [10]. The above identity feature attributes are mainly binary variables and nominal variables. For binary variables whose attributes take values as two mutually independent values, the dissimilarity between attribute vectors can be calculated based on the number of different state variables of the vectors corresponding to the actual attributes [11]. The weights represented by the attribute taking values of two mutually independent values of nominal type variables are not necessarily equal, and if the two state attributes take the same weight, the formula for calculating the phase dissimilarity of the variables is as follows [12].
In the above formula, a is the number of attribute states with the same values of object i and object j in the attribute of binary variables. b is the number of attribute states with different values of object i and object j in the binary variable attribute; n is the number of all value attribute states of object i and object j . The corresponding state attributes of nominal variables are independent of each other [13]. Therefore, for nominal variables with n state numbers, the formula for calculating the difference is as follows: In the above formula, m is the same number of attributes whose attribute states of the two variables match each other. After calculating the differences of the corresponding variables of the communication end-user authentication attribute, the k-means clustering algorithm is used to cluster the user identity information [14]. After user authentication information is preliminarily classified by K-means clustering algorithm, user identity attribute features are extracted according to the similarity of corresponding identity attributes, and the identity characteristic information matrix of end users of ubiquitous electric Internet of Things communication is established [15].

Communication terminal authentication protocol design
Since the ubiquitous power IOT communication network needs to access new end users at any time, this study will design the terminal authentication protocol under the public key mechanism [16]. The schematic diagram of two-way authentication between the ubiquitous power IOT communication network and the communication terminal using public key is shown in Fig.1 Figure 1 Two-way authentication process based on public key The detailed public key-based two-way authentication process is as follows: (1) The ubiquitous power IOT communication terminal generates a random number r1, multiplies and encrypts the random number r1 with the ID marked by the communication terminal in the ubiquitous power IOT according to the RSA encryption algorithm, and sends the encrypted information to the server of the communication network via the communication port.
(2) The server of the communication network decrypts the received encrypted information in accordance with the decryption process of RSA encryption algorithm, obtains the random number r1, generates the random number r2 and the corresponding symmetric key ECB_KEY, and sends the random numbers r1, r2 and the symmetric key ECB_KEY encrypted to the communication terminal [17].
(3) The communication terminal decrypts random numbers r1 and r2 and the symmetric key ECB_KEY, and determines the identity of the communication network server of the transmission object based on the random number r1 in the decryption result. The symmetric key ECB_KEY is used to encrypt the received decrypted r2 in accordance with the ECB encryption algorithm and send it to the communication network server whose identity has been determined. The communication network server receives the encrypted information and decrypts it, and compares the random number obtained from the decryption with the originally generated random number r2 to complete the authentication of the communication terminal.
Based on the above-designed authentication protocol for communication terminal user access, an authentication password is introduced for security enhancement. Before authentication, the communication terminal performs hashing operations on the user input authentication ID information and the user password respectively, and sends the result of the hashing operations to the server. The server searches and matches the hash information of the user ID and continues to connect to the communication terminal if the user ID information is matched; if the corresponding hash information of the user ID cannot be found, the server directly disconnects from the communication terminal. After confirming the connection to the communication terminal, the server looks for the hash information of the user password based on the hash information of the user ID. If the user password hash information can be found, the user authentication connection request is passed, otherwise the connection is disconnected. After that, the authentication is performed according to the public key-based two-way authentication process mentioned above. The communication terminal will communicate using the determined communication key based on the received two-way authentication result. After designing

Coordinated filtering improvements based on trust
The classical coordinated filtering algorithm has some problems such as rough computing granularity and low recommendation coverage. In order to improve the accuracy of filtering for different user identities, this study introduced trust to improve the coordinated filtering algorithm. The direct trust degree of the user identity is calculated according to the corresponding behavior of the login ID of the communication end user. If in the communication process of ubiquitous power Internet of Things, there are more communications between two user IDs using fixed communication terminals, it indicates that the trust degree of the two user IDs is high. Similarly, if the user ID communicates with the server with higher management level in the ubiquitous power Internet of Things communication server more times, the trust of this user ID will be improved accordingly. Based on the interaction information between the communication end user and the server, this study calculates the user's trust degree. The formula is described as follows [18] : represents the amount of interactive information. In the process of ubiquitous power Internet of Things communication, if the authentication is successful, the server will enhance the trust of the identity of the end user. Otherwise, it will reduce the user's trust degree to the greatest extent, thus affecting the identity authentication of the terminal. In order to avoid the security problems caused by the theft of the authentication credentials of the end users, the indirect trust formula is also introduced to evaluate the trustworthiness of the end users [19]. The formula of indirect trust is described as follows:

 
In the above formula,   , w t U is the set of users of other communication terminals trusted by server w and t ; p is a trust communication terminal trusted by both server w and t ; DT is the level of trust between servers. Therefore, the final calculation formula of the trust degree of end users of electric Internet of Things communication is as follows: In the above formula,  is the adjustable parameter in the interval [0,1], and its calculation formula is as follows: After introducing the trust degree of the communication terminal calculated in the above formula to the user, the processing effect of the coordinated filtering algorithm is enhanced. The improved In the above formula,  is the adjustable parameter;   , Us u v is the similarity between user u and user q ; u r and q r are ratings of the degree of trust to user u and user q respectively; T U is the trusted neighbor set; ,

Experimental purpose and setup
Purpose: In this section, the feasibility and effectiveness of the coordination filtering-based authentication method for ubiquitous power IOT communication terminals proposed above will be investigated through experiments. Content setting: The ubiquitous power IOT in a large smart grid is selected as the background environment for this experiment, and there are 500 communication terminals in this ubiquitous power IOT, and these communication terminals are taken as the research object of this experiment. The authentication method proposed in this paper is used as the experimental group, and the authentication method based on password identification is selected as the comparison group. With the objective of testing the authentication performance and security of communication terminals after applying the two groups of methods, the experimental data are counted and the experimental verification is completed.

Experimental results
The experiments test the efficiency of authentication processing of the ubiquitous power IOT communication terminal authentication service, and test the load on the terminal network computing server by running a large number of authentication requests for a long time. Each group is tested 20 times, and the duration of each test is 100 min. In each group, the authentication processing time is recorded and averaged to obtain the average authentication processing time of the communication terminal in each group. In addition, by recording the number of server responses to authentication requests during the test, the average number of transactions per second processed by the server is obtained. Analyzing the data in Table 1 above, it can be seen that the maximum number of concurrent authentication requests that the terminal can accept when using the experimental group method to authenticate the access user is significantly larger than that of the communication terminal applying the comparison group method, and the maximum and minimum time range and upper and lower limits for authentication of the communication terminal applying the experimental group method are smaller than those of the communication terminal applying the comparison group method. From the viewpoint of the average processing time of authentication of communication terminals, the average authentication time of communication terminals applying the experimental group method is less than 6ms, while the minimum average processing of communication terminals applying the comparison group method is greater than 9ms. Meanwhile, the number of authentication transactions per unit time of terminals applying the experimental group method is much larger than that of the comparison group method. The above analysis shows that the authentication performance of the communication terminal applying the experimental group method is better. Figure 2 below shows the danger index (the proportion of communication content cracking to the full content of communication) of the IOT terminal after applying the two methods of authentication during the above test, when the simulated checkout authentication identity attacked the network. Analysis of the curves in the above figure shows that the application of the two authentication methods effectively reduces the hazard index of the IOT communication terminal. In comparison, the hazard index of the communication terminal applying the experimental group method is lower, and the hazard index of the terminal applying the experimental group method changes less and is more stable during the overall experiment. It shows that the experimental group method is more reliable for protecting the terminal security when applied.
The above experimental data analysis shows that the ubiquitous power IOT communication terminal authentication method based on coordinated filtering proposed in this paper can support more authentication services per unit time, and the authentication of communication terminals applying the method is more efficient, i.e., the authentication method studied in this paper is more effective.

Conclusion
At present, the information construction of the power grid has achieved more significant results, the introduction of the Internet of Things technology to improve the efficiency of the power system. However, the characteristics of ubiquitous power IOT terminal distribution, complex deployment environment and flexible access methods may cause the sensitive information contained in the network to be maliciously tampered and leaked when the network is attacked, and at the same time, due to the special node structure of IOT, the communication terminal connected to the IOT node may be illegally stolen or used to reverse control the power grid, thus endangering the stable operation of the power grid. To this end, this paper investigates the authentication method of ubiquitous power IOT communication terminals based on coordinated filtering, and verifies the feasibility of the method through experiments.