边缘计算安全综述与展望

Summary and prospect of edge computing security

随着信息通信技术和物联网技术的发展,连接网络的设备数和产生的数据量都呈指数级增长,由此产生了一系列新应用场景,传统的基于云的集中式大数据处理模式已经不能完全满足应用需求。边缘计算这种将原有的云计算中心的部分或全部计算任务迁移到数据源附近的新计算模式逐渐受到各界的广泛重视,相关企业、产业组织和开源平台也逐渐发展起来,推出了一系列边缘计算参考架构,而它们对安全都很重视。鉴于此,对已有的边缘计算参考架构中的安全部分进行分析和整理,发现其一致认为采用分层的安全措施和整体的安全监测和运营是解决边缘计算安全的有效途径。但目前还没有独立的安全框架对边缘计算安全进行系统化和完整性的论述,从而不利于边缘计算的推广和应用。因此,从安全目标、安全管理、安全技术和应用领域为制定专门的边缘计算安全框架提出了几点建议。

With the development of information,communication and Internet of Things technologies,the number of devices connected to the Internet and the amount of data generated have increased exponentially,resulting in a number of new application scenarios.The traditional cloud-based centralized big data processing mode cannot fully meet the needs of the new application scenarios.Edge computing is a new computing model that migrates some or all of the computing tasks of the original cloud computing center to the vicinity of the data source.It has gradually attracted widespread attention from various industries.Relevant enterprises,industrial organizations and open source platforms have published a series of reference architectures for edge computing,which these documents are highly security focused.In this paper,the existing reference architectures for edge computing are collated and analyzed,and it is found that defense-in-depth and overall security operation are the effective ways to solve the security problem of edge computing.However,there is no independent security reference architecture to systematically describe the security of edge computing,and this is not conducive to the promotion and application of edge computing.This paper gives some preliminary suggestions from the aspects of security objectives,security management,security technology and application fields.