计算机工程与应用 ›› 2020, Vol. 56 ›› Issue (17): 115-120.DOI: 10.3778/j.issn.1002-8331.1906-0127

• 网络、通信与安全 • 上一篇    下一篇

边缘计算场景下的异构终端安全接入技术研究

马媛媛,刘周斌,汪自翔   

  1. 1.全球能源互联网研究院 信息通信研究所,南京 210000
    2.信息网络安全国网重点实验室,南京 210000
    3.国网浙江省电力有限公司 双创中心,杭州 310000
    4.国网浙江省电力有限公司 电力科学研究院,杭州 310000
  • 出版日期:2020-09-01 发布日期:2020-08-31

Research on Heterogeneous Terminal Security Access Technology in Edge Computing Scenario

MA Yuanyuan, LIU Zhoubin, WANG Zixiang   

  1. 1.Institute of Information and Communication, Global Energy Interconnection Research Institute, Nanjing 210000, China
    2.State Grid Key Laboratory of Information & Network Security, Nanjing 210000, China
    3.Double Innovation Center, State Grid Zhejiang Electric Power Co., Ltd., Hangzhou 310000, China
    4.Electric Power Research Institute, State Grid Zhejiang Electric Power Co., Ltd., Hangzhou 310000, China
  • Online:2020-09-01 Published:2020-08-31

摘要:

边缘计算能够对海量终端设备的请求进行实时性处理,但是边缘计算的分布性和实时性等特点也为信息安全的防护带来了更多的局限,身份认证和隐私保护是边缘计算的应用和数据的安全防护需要面临的挑战问题。阐述了当前边缘计算终端安全接入时的信息安全需求,分析了其可能面临的信息安全威胁,提出了一种边缘计算场景下“云-边-端”三层体系的异构终端接入认证机制,方案能够支持海量终端的接入认证请求,并且通过匿名身份的方式保障了终端设备的隐私性。

关键词: 边缘计算, 身份认证, 匿名认证, 隐私保护

Abstract:

Edge computing enables real-time processing of requests from massive end devices. However, the distribution and real-time characteristics of edge computing also bring more limitations to the protection of information security. Identity authentication and privacy protection are challenges for edge computing applications and data security protection. In this paper, it describes the information security requirements of the current edge computing terminal security access, analyzes the information security threats it may face, and proposes a heterogeneous terminal access authentication mechanism for the “cloud-edge-end” three-tier system in the edge computing scenario. The solution can support the access authentication request of the mass terminal, and protects the privacy of the terminal device by means of an anonymous identity.

Key words: edge computing, authentication, anonymous authentication, privacy protection