中文摘要：

机会网络整合了容迟网络、移动自组织网络、社会网络等多种概念,可通过移动节点的相遇性机会实现消息的传输与共享.针对机会网络中目前较为流行的基于社会上下文的路由转发协议,设计了基于身份加密的安全架构来保证节点社会上下文的隐私性以及消息的机密性：通过可搜索的加密算法为每一个节点的社会属性设置相应的陷门,使得中继节点在可计算自身与目的节点之间上下文匹配度并制定相应的转发策略的同时,却得不到目的节点的任何属性信息;另一方面,使用节点的社会上下文生成公钥来加密信息,保证了消息的机密性.实验仿真表明,本方案的部署并未对网络报文投递率与报文平均时延造成明显影响,是一种高效实用的机会网络安全架构.

英文摘要：

Opportunistic networks integrate the concepts of delay-tolerant networks, momte au-lluc networks and social networks. In opportunistic networks, the information can be transmitted and shared by the parallel opportunistic contacts between different mobile users without any pre-existing internet architecture. The social context information is exploited to formulate the routing and forwarding strategies which can improve the network performance efficiently in comparison with the traditional routing protocols. However, privacy is a primary challenge in opportunistic networks, for some social context information is sensitive and users don＇t want to expose such information to unfamiliar nodes. We propose a security scheme based on IBE （identity-based encryption） to protect the privacy of nodes and confidentiality of messages for social context-based routing in opportunistic networks. The efficient-PEKS （public key encryption with keyword search） is used to set up trapdoors for each node＇s social attributes so that relay could compute the matching of social context between itself and destination node without getting any social attribute information from the destination node. Meanwhile, our scheme encrypts the messages by employing the combination of nodes＇ social context as the public key to ensure the confidentiality. Simulation results show that implementing our security scheme does not induce any negative impact on the delivery probability and the average delay, which indicates that our security scheme is practical and effective for opportunistic networks.