摘要
离散制造业的发展呈现智能、开放和协同的趋势,大量异构设备接入工业互联网,给安全带来了严重挑战,因此,引入信任管理和对设备进行可信度量的初始接入显得尤为重要。为了更加及时准确地评估初始接入系统的边缘终端的可信程度,创新性地提出了一种基于设备漏洞数据库的可信度量方法。该方法采用云边协同的架构,在中央云端建立设备信息库和漏洞数据库,然后在边缘端计算终端风险因子,最后完成对接入终端的信任初始化。仿真结果表明,该方法很好地兼顾了系统的性能和安全。
The development of the discrete manufacturing shows a trend of intelligence,openness and collaboration.As a result,many heterogeneous devices are connected to the industrial internet,which brings serious challenges to the security.Therefore,it is particularly important to introduce trust management and trusted access to devices for trusted measurement.In order to more timely and accurately evaluate the trustworthiness of the edge terminal initially accessing the system,a trustworthiness measurement method based on the device vulnerability database was innovatively proposed.This method adopted the architecture of cloud-edge collaboration,established a device information database and a vulnerability database in the central cloud,and then calculated the terminal risk factor at the edge.Finally,the trust initialization of the access terminal was completed.The simulation results show that the method can well balance the efficiency and security of the system.
作者
于亚
伏玉笋
YU Ya;FU Yusun(Ningbo Artificial Intelligence Institute of Shanghai Jiao Tong University,Ningbo 315000,China;School of Electronic Information and Electrical Engineering,Shanghai Jiao Tong University,Shanghai 200240,China;Key Laboratory of System Control and Information Processing,Ministry of Education of China,Shanghai 200240,China;Shanghai Engineering Research Center of Intelligent Control and Management,Shanghai 200240,China)
出处
《物联网学报》
2022年第4期149-157,共9页
Chinese Journal on Internet of Things
基金
国家重点研发计划(No.2019YFB1705703)
宁波市重大科技任务攻关项目(No.2021Z022)。
关键词
工业互联网
设备接入
安全
信任管理
可信度量
漏洞评估
industrial internet
device access
security
trust management
trust measurement
vulnerability assessment
