工业互联网边缘终端初始接入可信度量方法研究

于亚; 伏玉笋

doi:10.11959/j.issn.2096-3750.2022.00292

您当前的位置：

首页 >

文章列表页 >

工业互联网边缘终端初始接入可信度量方法研究

理论与技术 | 更新时间：2024-08-16

- 工业互联网边缘终端初始接入可信度量方法研究
- Research on trust measurement method for initial access of industrial internet edge terminals
- 物联网学报 2022年6卷第4期页码：149-157
- 作者机构：
  
  1. 上海交通大学宁波人工智能研究院，浙江宁波 315000
  2. 上海交通大学电子信息与电气工程学院，上海 200240
  3. 系统控制与信息处理教育部重点实验室，上海 200240
  4. 上海工业智能管控工程技术研究中心，上海 200240
- 作者简介：
  
  [ "于亚（1996- ），男，上海交通大学硕士生，主要研究方向为工业通信系统与安全、可信计算、物联网安全等" ]
  [ "伏玉笋（1972- ），男，博士，上海交通大学助理研究员，主要研究方向为无线通信与系统、无线网联智能系统、工业互联网与安全可信、智能制造等" ]
- 基金信息：
  
  国家重点研发计划;The National Key Research and Development Program of China(2019YFB1705703);宁波市重大科技任务攻关项目;The Major Scientific and Technological Research Program of Ningbo(2021Z022)
- DOI：10.11959/j.issn.2096-3750.2022.00292
  中图分类号： TN915.08
- 纸质出版日期：2022-12-30，
  
  网络出版日期：2022-12，
- 稿件说明：
移动端阅览
于亚, 伏玉笋. 工业互联网边缘终端初始接入可信度量方法研究[J]. 物联网学报, 2022,6(4):149-157.

YA YU, YUSUN FU. Research on trust measurement method for initial access of industrial internet edge terminals. [J]. Chinese journal on internet of things, 2022, 6(4): 149-157.
于亚, 伏玉笋. 工业互联网边缘终端初始接入可信度量方法研究[J]. 物联网学报, 2022,6(4):149-157. DOI： 10.11959/j.issn.2096-3750.2022.00292.

YA YU, YUSUN FU. Research on trust measurement method for initial access of industrial internet edge terminals. [J]. Chinese journal on internet of things, 2022, 6(4): 149-157. DOI： 10.11959/j.issn.2096-3750.2022.00292.

摘要

离散制造业的发展呈现智能、开放和协同的趋势，大量异构设备接入工业互联网，给安全带来了严重挑战，因此，引入信任管理和对设备进行可信度量的初始接入显得尤为重要。为了更加及时准确地评估初始接入系统的边缘终端的可信程度，创新性地提出了一种基于设备漏洞数据库的可信度量方法。该方法采用云边协同的架构，在中央云端建立设备信息库和漏洞数据库，然后在边缘端计算终端风险因子，最后完成对接入终端的信任初始化。仿真结果表明，该方法很好地兼顾了系统的性能和安全。

Abstract

The development of the discrete manufacturing shows a trend of intelligence

openness and collaboration.As a result

many heterogeneous devices are connected to the industrial internet

which brings serious challenges to the security.Therefore

it is particularly important to introduce trust management and trusted access to devices for trusted measurement.In order to more timely and accurately evaluate the trustworthiness of the edge terminal initially accessing the system

a trustworthiness measurement method based on the device vulnerability database was innovatively proposed.This method adopted the architecture of cloud-edge collaboration

established a device information database and a vulnerability database in the central cloud

and then calculated the terminal risk factor at the edge.Finally

the trust initialization of the access terminal was completed.The simulation results show that the method can well balance the efficiency and security of the system.

关键词

工业互联网设备接入安全信任管理可信度量漏洞评估

Keywords

industrial internetdevice accesssecuritytrust managementtrust measurementvulnerability assessment

references

陶永, 蒋昕昊, 刘默 ,等. 智能制造和工业互联网融合发展初探[J]. 中国工程科学, 2020,22(4): 24-33.

TAO Y, JIANG X H, LIU M ,et al. A preliminary study on the integra-tion of intelligent manufacturing and industrial internet[J]. Strategic Study of CAE, 2020,22(4): 24-33.

陶利民 . 开放网络环境下基于不确定性理论的主观信任管理研究[D]. 杭州:浙江工业大学, 2013.

TAO L M . Research on subjective trust management based on uncer-tainty theory under open network environment[D]. Hangzhou:Zhe-jiang University of Technology, 2013.

冯玉翔 . 大规模分布式环境下动态信任管理机制的研究[D]. 广州:华南理工大学, 2013.

FENG Y X . Research on dynamic trust management for large scale distributed environment[D]. Guangzhou:South China University of Technology, 2013.

边缘计算产业联盟,工业互联网产业联盟. 边缘计算与云计算协同白皮书2.0[R]. 2007.

Edge Computing Consortium (ECC),Alliance of Industrial Internet (AII). Edge computing and cloud computing collaboration white paper 2.0[R]. 2007.

董悦, 王志勤, 田慧蓉 ,等. 工业互联网安全技术发展研究[J]. 中国工程科学, 2021,23(2): 65-73.

DONG Y, WANG Z Q, TIAN H R ,et al. Development of industrial internet security technology in China[J]. Strategic Study of CAE, 2021,23(2): 65-73.

CLEMENS J, PAL R, PHILIP P . Poster abstract:extending trust and attestation to the edge[C]// Proceedings of 2016 IEEE/ACM Symposium on Edge Computing (SEC). Piscataway:IEEE Press, 2016: 101-102.

SHAPSOUGH S, ALOUL F, ZUALKERNAN I A . Securing low-resource edge devices for IoT systems[C]// Proceedings of 2018 International Symposium in Sensing and Instrumentation in IoT Era (ISSI). Piscataway:IEEE Press, 2018: 1-4.

张鑫, 杨晓元, 朱率率 ,等. 物联网环境下移动节点可信接入认证协议[J]. 计算机应用, 2016,36(11): 3108-3112.

ZHANG X, YANG X Y, ZHU S S ,et al. Trusted access authentication protocol for mobile nodes in Internet of Things[J]. Journal of Comput-er Applications, 2016,36(11): 3108-3112.

张玉婷, 严承华, 魏玉人 . 基于节点认证的物联网感知层安全性问题研究[J]. 信息网络安全, 2015(11): 27-32.

ZHANG Y T, YAN C H, WEI Y R . Research on security of IoT per-ception layer based on node authentication[J]. Netinfo Security, 2015(11): 27-32.

钱明茹 . 物联网中基于属性的安全访问控制研究[D]. 沈阳:辽宁大学, 2013.

QIAN M R . Research on security attribute-based access control in the Internet of Things[D]. Shenyang:Liaoning University, 2013.

GUIN U, CUI P C, SKJELLUM A . Ensuring proof-of-authenticity of IoT edge devices using blockchain technology[C]// Proceedings of 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber,Physical and Social Computing (CPSCom) and IEEE Smart Data. Piscataway:IEEE Press, 2018: 1042-1049.

向宏, 夏晓峰 . 轻量级密码在资源受限设备安全中的应用简析[J]. 自动化博览, 2018,35(S2): 72-75.

XIANG H, XIA X F . Overview on the application of lightweight cryptography in resource-constrained system security[J]. Automation Panorama, 2018,35(S2): 72-75.

LOU X, TELLABI A . Cybersecurity threats,vulnerability and analysis in safety critical industrial control system (ICS)[C]// Recent Developments on Industrial Control Systems Resilience. Cham:Springer, 2020: 75-97.

徐震, 周晓军, 王利明 ,等. PLC 攻防关键技术研究进展[J]. 信息安全学报, 2019,4(3): 48-69.

XU Z, ZHOU X J, WANG L M ,et al. Recent advances in PLC attack and protection technology[J]. Journal of Cyber Security, 2019,4(3): 48-69.

荆琦, 唐礼勇, 陈钟 . 无线传感器网络中的信任管理[J]. 软件学报, 2008,19(7): 1716-1730.

JING Q, TANG L Y, CHEN Z . Trust management in wireless sensor networks[J]. Journal of Software, 2008,19(7): 1716-1730.

夏辉, 张三顺, 孙运传 ,等. 车载自组网中基于信任管理的安全组播协议设计[J]. 计算机学报, 2019,42(5): 961-979.

XIA H, ZHANG S S, SUN Y C ,et al. Design of trust-based secure multicast routing protocol in VANETs[J]. Chinese Journal of Comput-ers, 2019,42(5): 961-979.

JAYASINGHE U . Trust evaluation in the IoT environment[D]. Liverpool John Moores University. 2018.

梁洪泉, 吴巍 . 基于动态贝叶斯网络的可信度量模型研究[J]. 通信学报, 2013,34(9): 68-76.

LIANG H Q, WU W . Research of trust evaluation model based on dynamic Bayesian network[J]. Journal on Communications, 2013,34(9): 68-76.

JAYASINGHE U, LEE G M, UM T W ,et al. Machine learning based trust computational model for IoT services[J]. IEEE Transactions on Sustainable Computing, 2019,4(1): 39-52.

WANG Y B, WEN J H, ZHOU W ,et al. A novel dynamic cloud service trust evaluation model in cloud computing[C]// Proceedings of 2018 17th IEEE International Conference on Trust,Security and Privacy In Computing and Communications/ 12th IEEE International Conference on Big Data Science and Engineering (TrustCom/BigDataSE). Piscataway:IEEE Press, 2018: 10-15.

WU D X, SHEN G H, HUANG Z Q ,et al. A trust-aware task offloading framework in mobile edge computing[J]. IEEE Access, 2019,7: 150105-150119.

WANG T, LUO H, JIA W J ,et al. MTES:an intelligent trust evaluation scheme in sensor-cloud-enabled industrial Internet of Things[J]. IEEE Transactions on Industrial Informatics, 2020,16(3): 2054-2062.

LI W J, MENG W Z, KWOK L F ,et al. Enhancing collaborative intrusion detection networks against insider attacks using supervised intrusion sensitivity-based trust management model[J]. Journal of Network and Computer Applications, 2017,77: 135-145.

JIA C H, LIN K, DENG J . A multi-property method to evaluate trust of edge computing based on data driven capsule network[C]// Proceedings of IEEE INFOCOM 2020 - IEEE Conference on Computer Communications Workshops. Piscataway:IEEE Press, 2020: 616-621.

蒋伟进, 许宇胜, 郭宏 ,等. 网络在线交易动态信任计算模型与信誉管理机制[J]. 中国科学:信息科学, 2014,44(9): 1084-1101.

JIANG W J, XU Y S, GUO H ,et al. Dynamic trust calculation model and credit management mechanism of online trading[J]. Scientia Sini-ca (Informationis), 2014,44(9): 1084-1101.

FRIEDMAN E J, RESNICK P . The social cost of cheap pseudonyms[J]. Journal of Economics ＆ Management Strategy, 2001,10(2): 173-199.

胡建理, 周斌, 吴泉源 ,等. P2P 网络环境下基于信誉的分布式抗攻击信任管理模型[J]. 计算机研究与发展, 2011,48(12): 2235-2241.

HU J L, ZHOU B, WU Q Y ,et al. A reputation-based attack-resistant distributed trust management model for P2P networks[J]. Journal of Computer Research and Development, 2011,48(12): 2235-2241.

付才, 洪帆, 洪亮 ,等. 基于信任保留的移动Ad Hoc网络安全路由协议TPSRP[J]. 计算机学报, 2007,30(10): 1853-1864.

FU C, HONG F, HONG L ,et al. Mobile ad hoc secure routing proto-col based on trust preserving[J]. Chinese Journal of Computers, 2007,30(10): 1853-1864.

GAO Z P, ZHAO W S, XIA C X ,et al. A credible and lightweight multidimensional trust evaluation mechanism for service-oriented IoT edge computing environment[C]// Proceedings of 2019 IEEE International Congress on Internet of Things. Piscataway:IEEE Press, 2019: 156-164.

FIGUEROA L S, AÑORGA J, ARRIZABALAGA S . A survey of IIoT protocols:A measure of vulnerability risk analysis based on CVSS[J]. ACM Computing Surveys, 2021,53(2): 44.

陶耀东, 贾新桐, 吴云坤 . 一种工业控制系统漏洞风险评估方法[J]. 小型微型计算机系统, 2020,41(3): 603-609.

TAO Y D, JIA X T, WU Y K . Industry control system vulnerability risk assessment method[J]. Journal of Chinese Computer Systems, 2020,41(3): 603-609.

魏志强, 周炜, 任相军 ,等. 普适计算环境中防护策略的信任决策机制研究[J]. 计算机学报, 2012,35(5): 871-882.

WEI Z Q, ZHOU W, REN X J ,et al. A strategy-proof trust based decision mechanism for pervasive computing environments[J]. Chi-nese Journal of Computers, 2012,35(5): 871-882.

浏览量

231

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

鼠标行为HHT变换的工业互联网用户身份认证

工业互联网的概念、体系架构及关键技术

面向工业互联网的制造服务协作等级协议轻量级框架研究

基于区块链的安全车联网数字取证系统

基于区块链的物联网设备标识研究