【Author】Li, Dawei; Zhang, Enzhun; Lei, Ming; Song, Chunxiao
【Source】MATHEMATICAL BIOSCIENCES AND ENGINEERING
【Abstract】Edge computing offloads data processing capacity to the user side, provides flexible and efficient computing services for the development of smart cities, and brings many security challenges. To address the problems of fuzzy-boundary security protection and dynamic identity authentication in the edge computing environment of smart cities, a zero trust architecture based on blockchain is studied, and a digital identity model and a dynamic authentication scheme for edge computing nodes based on a distributed ledger are proposed. Firstly, a digital identity model for two-way authentication between edge computing nodes and sensing terminals is established to realize fine-grained authorization and access control in edge computing. Secondly, based on on-chain bookkeeping of identity data and behavior logs, the quantification of trust values and the transmission and update of trust are realized, and the traceability of security events is improved. Finally, based on an improved RAFT consensus algorithm, multi-party consensus and consistent accounting in the authentication process are realized. Simulation results show that this scheme can meet the requirements of zero trust verification in the edge computing environment and has good efficiency and robustness.
【Keywords】blockchain; Internet of things; zero trust; edge computing; secret sharing; consensus algorithm
【Title】Zero trust in edge computing environments: a practical blockchain-based scheme