ZigBee Centralized Networks vs. Distributed Networks

Copyright notice: this is an original post by the blog author; reproduction without the author's permission is not allowed. https://blog.csdn.net/qq_21352095/article/details/84703436

The following is excerpted from the ZigBee 2015 Pro specification, docs-05-3474-21-0csg-zigbee-specification:

4.6.2 Trust Center Application
The Trust Center application runs on a device trusted by devices within a ZigBee network to distribute keys for the purpose of network and end-to-end application configuration management. The Trust Center shall configure network security policies and shall be used to help establish end-to-end application keys. These keys shall be generated at random unless a key establishment protocol is used.

4.6.2.1 Distributed Security Mode
In Distributed Security Mode, there is no unique Trust Center in the network. Keys are distributed to joining devices by routers in the network using the standard transport key commands, or by other out of band methods.

4.6.2.2 Centralized Security Mode
The centralized security mode of the Trust Center is designed for applications where a centralized security device and set of security policies is required. In this mode, the Trust Center may maintain a list of devices, link keys and network keys with all the devices in the network; however, it shall maintain a network key and controls policies of network admittance. In this mode, the nwkAllFresh attribute in the NIB shall be set to FALSE. Each device that joins the network securely shall either have a Global Link key or a unique link key depending upon the application in use. It is required that the trust center have prior knowledge of the value of the link key and the type (Global or unique) in order to securely join the device to the network. A Global Link key has the advantage that the memory required by the Trust Center does not grow with the number of devices in the network. A unique link key has the advantage of being unique for each device on the network and application communications can be secured from other devices on the network. Both types of keys may be used on the network, but a device shall only have one type in use per device-key pair.

The security policy settings for centralized security are further detailed in section 4.7.1.

Translation:
4.6.2 Trust Center Application
The Trust Center application runs on a device that is trusted by the devices in the ZigBee network; it distributes keys for network and end-to-end application configuration management. The Trust Center shall configure the network security policies and shall be used to help establish end-to-end application keys. Unless a key establishment protocol is used, these keys shall be generated at random.

4.6.2.1 Distributed Security Mode
In distributed security mode there is no unique Trust Center in the network. Keys are distributed to joining devices by routers in the network using the standard transport key commands, or by other out-of-band methods.

4.6.2.2 Centralized Security Mode
The centralized security mode of the Trust Center is designed for applications that require a centralized security device and a set of security policies. In this mode the Trust Center may keep a device list, Link keys and Nwk Keys for all devices in the network; it must, however, maintain a network key and control the network admittance policy. In this mode the nwkAllFresh attribute in the NIB shall be set to FALSE. Every device that joins the network securely shall have either a Global Link key or a unique Link key, depending on the application in use. To join a device to the network securely, the Trust Center must know the value of the Link key and its type (global or unique) in advance. The advantage of a Global Link key is that the memory the Trust Center needs does not grow with the number of devices in the network. The advantage of a unique Link key is that it is unique to each device on the network, so application traffic can be protected from the other devices on the network. Both key types may be used on a network, but each device-key pair may use only one type.

The security policy settings for centralized security are described in more detail in section 4.7.1.

The following is my own understanding (corrections welcome):

Centralized security mode:
Compared with a distributed network, a centralized network offers higher security and is formed by the Coordinator; routers and end devices must know the Global Link key before they can join the network; in ZigBee 3.0 every device can use an Install Code to generate a unique Link key, and the Coordinator must also know that Link key.

Distributed security mode:
There is no Coordinator, i.e. no Trust Center; a Router can form/join a distributed network and an End Device can join one; when a new device joins the network, any router can send it the network key, and all devices use the same key.
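The Install Code path mentioned above, as an added example (not code from this post or from the Zigbee specification): a device's unique Trust Center link key is AES-MMO(install code || CRC-16), and the CRC lets the Trust Center reject a mistyped code before it derives a key the device will never match. It assumes the install-code test vector published in the Zigbee spec (code 83FED3407A939723A5C639B26916D505 followed by CRC bytes C3 B5) and the CRC-16/X-25 parameters the spec prescribes for install codes.

```go
package main
import "crypto/aes"
import "fmt"

// crc16X25: poly 0x1021 reflected (0x8408), init/xorout 0xFFFF; the checksum an install code carries little-endian in its last 2 bytes.
func crc16X25(data []byte) uint16 {
	crc := uint16(0xFFFF)
	for _, b := range data {
		crc ^= uint16(b)
		for i := 0; i < 8; i++ {
			crc = (crc >> 1) ^ (0x8408 & -(crc & 1)) // mask is 0xFFFF iff LSB set
		}
	}
	return crc ^ 0xFFFF
}
// aesMMOHash: Matyas-Meyer-Oseas over AES-128 (Zigbee spec Annex B.6): H0 = 0, Hi = AES_{H(i-1)}(Mi) XOR Mi.
func aesMMOHash(msg []byte) (h [16]byte) {
	absorb := func(block []byte) {
		c, _ := aes.NewCipher(h[:]) // previous digest is the AES key; 16-byte key cannot fail
		c.Encrypt(h[:], block)
		for i := range h { h[i] ^= block[i] }
	}
	full := len(msg) &^ 15
	for i := 0; i < full; i += 16 {
		absorb(msg[i : i+16])
	}
	pad := make([]byte, 16) // padding: 0x80, zeros, then the 16-bit message bit length
	n := copy(pad, msg[full:])
	pad[n] = 0x80
	if n > 13 { // no room left for the length field: spill into a new block
		absorb(pad)
		pad = make([]byte, 16)
	}
	pad[14], pad[15] = byte(len(msg)>>5), byte(len(msg)<<3) // bit length, big-endian
	absorb(pad)
	return h
}
// DeriveLinkKey checks length and CRC of code||CRC, then returns the link key AES-MMO(code||CRC).
func DeriveLinkKey(code []byte) ([16]byte, error) {
	n := len(code)
	if n != 8 && n != 10 && n != 14 && n != 18 || // 6/8/12/16-byte codes plus CRC
		uint16(code[n-2])|uint16(code[n-1])<<8 != crc16X25(code[:n-2]) {
		return [16]byte{}, fmt.Errorf("install code rejected: bad length (%d) or CRC", n)
	}
	return aesMMOHash(code), nil
}
func main() { // Zigbee spec test vector: install code 83FE..D505 followed by CRC bytes C3 B5
	fmt.Println(DeriveLinkKey([]byte{0x83, 0xFE, 0xD3, 0x40, 0x7A, 0x93, 0x97, 0x23,
		0xA5, 0xC6, 0x39, 0xB2, 0x69, 0x16, 0xD5, 0x05, 0xC3, 0xB5})) // key 66B6...02BB, <nil>
}
```

A single flipped digit in the code fails the CRC check, which is the check a Trust Center should run on a commissioning-time install code before storing the derived link key.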
