Chinese Journal on Internet of Things, 2022, Vol. 6, Issue (4): 149-157. doi: 10.11959/j.issn.2096-3750.2022.00292

• Theory and Technology •

Research on trust measurement method for initial access of industrial internet edge terminals

Ya YU 1,2, Yusun FU 2,3,4

  1. Ningbo Artificial Intelligence Institute of Shanghai Jiao Tong University, Ningbo 315000, China
  2. School of Electronic Information and Electrical Engineering, Shanghai Jiao Tong University, Shanghai 200240, China
  3. Key Laboratory of System Control and Information Processing, Ministry of Education of China, Shanghai 200240, China
  4. Shanghai Engineering Research Center of Intelligent Control and Management, Shanghai 200240, China
  • Revised: 2022-08-04 Online: 2022-12-30 Published: 2022-12-01
  • About the authors: Ya YU (1996- ), male, master's student at Shanghai Jiao Tong University. His main research interests include industrial communication systems and security, trusted computing, and Internet of Things security.
    Yusun FU (1972- ), male, Ph.D., assistant researcher at Shanghai Jiao Tong University. His main research interests include wireless communication and systems, wireless networked intelligent systems, industrial internet security and trust, and intelligent manufacturing.
  • Supported by:
    The National Key Research and Development Program of China (2019YFB1705703); The Major Scientific and Technological Research Program of Ningbo (2021Z022)

Abstract:

Discrete manufacturing is developing toward intelligence, openness and collaboration. As a result, many heterogeneous devices are connected to the industrial internet, which poses serious security challenges. It is therefore particularly important to introduce trust management and to perform trust measurement on devices at initial access. To evaluate the trustworthiness of an edge terminal initially accessing the system in a more timely and accurate way, a trust measurement method based on a device vulnerability database is proposed. The method adopts a cloud-edge collaborative architecture: a device information database and a vulnerability database are established in the central cloud, the terminal risk factor is then calculated at the edge, and finally the trust initialization of the accessing terminal is completed. Simulation results show that the method balances the efficiency and security of the system well.

Key words: industrial internet, device access, security, trust management, trust measurement, vulnerability assessment
