摘要
[目的/意义]边缘计算是互联网与物联网技术综合发展的最新形态.边缘计算的特点是能够将物理地域分散的各种设备,包括网络、物联网、终端等设备互通互联,并在此基础上统一地需求分发、资源调度和资源纳管.边缘计算当中的底层基础平台和安全问题,逐渐成为重点研究问题.[方法/过程]针对边缘计算中资源调度、资源纳管以及安全传输问题,提出的内容和功能分发网络,是位于底层的操作系统级边缘计算平台,能够对所纳管的设备统一管理,实现计算、网络、存储等资源的统一调度.针对边缘计算安全问题,提出了基于公开密钥基础设施的安全机制研究.[结果/结论]内容和功能分发网络能够有效地实现需求分发、资源调度和资源纳管.实验表明,内容和功能分发网络中的基于公开密钥基础设施,能够有效地抵御嗅探攻击、中间人攻击等边缘计算中常见的攻击方式.
[Purpose/Significance]Edge computing is the latest form of comprehensive development of Internet and Internet of Things technology.Edge computing is characterized by interconnecting various devices,including network devices,Internet of Things devices and terminal devices,which are physically dispersed geographically,and on this basis,unified demand distribution,resource scheduling and resource management are carried out.The underlying platform and security issues in edge computing have gradually become the focus of research.[Method/Process]Aiming at the problems of resource scheduling,management and secure transmission in edge computing,the content and Function Delivery Network proposed in this paper is an operating system-level edge computing platform located at the bottom,which can manage the managed devices in a unified manner and realize the unified scheduling of computing,network,storage and other resources.To solve the security problem of edge computing,a security mechanism based on public key infrastructure is proposed in this paper.[Results/Conclusion]Content and Function Delivery Network can effectively realize demand distribution,resource scheduling and resource management.Experimental results show that public key based infrastructure in content and function Delivery network can effectively resist common edge computing attacks such as sniffer attack and man-in-the-middle attack.
作者
王易风
陈迅
纪添
Wang Yifeng;Chen Xun;Ji Tian(China Mobile Group Zhejiang Corporation,Zhejiang Hangzhou 310000;Shenzhen Polytechnic,Guangdong Shenzhen 518000;Research Institute of Tsinghua University in Shenzhen,Guangdong Shenzhen 518000)
出处
《网络空间安全》
2022年第4期40-47,54,共9页
Cyberspace Security
关键词
内容和功能分发网络
网络调度
网络安全
公开密钥
嗅探攻击
content and function delivery networks
network scheduling
network security
public key
sniffer attack
作者简介
王易风(1981-),男,汉族,浙江绍兴人,清华大学,硕士,中国移动浙江公司,工程师,主要研究方向和关注领域:功能分发网络、边缘计算;陈迅(1985-),女,汉族,山东威海人,清华大学,硕士,深圳职业技术学院,讲师,主要研究方向和关注领域:工业设计工程;纪添(1989-),男,汉族,江西景德镇人,清华大学,硕士,深圳清华大学研究院,工程师,主要研究方向和关注领域:云网融合、边缘计算、软件定义广域网。
