摘要
随着国密算法的推广,对算力网络进行了深入的研究,提出了更高效合理的算力网络安全方案,方案借助国密算法保证算力网络的数据安全及隐私。设计方案内容主要包括:通过底层资源支撑算力需求及密码调用,算力编排层提供数据算力的编排能力;同时,算力调度层智能判别算力资源调度分配的最优节点;密码加固层使用基于硬件支撑下的国密算法,借助公钥密码体制、哈希函数、数字信封、同态加密、区块链等技术,重点研究了算力网络接入安全、传输安全、数据安全及隐私保护方面的安全实现。研究方案创新性地提出了一种保障算力网络数据安全的架构及应用形式,能够满足应用层算力在大数据、智能技术等场景的需求。通过国密算法赋能算力网络,提升算力网络的安全性。
With the promotion of national secret algorithm,in-depth research on the arithmetic network was carried out,a more efficient and reasonable security scheme for the arithmetic network was proposed,ensuring the data secu-rity and privacy of the arithmetic network with the help of the state secret algorithm.The main elements of the design program included:Supporting arithmetic demand and cryptographic invocation through the underlying resources,the arithmetic orchestration layer provided the ability to orchestrate data arithmetic,meanwhile,the arithmetic scheduling layer intelligently discerned the optimal nodes for arithmetic resource scheduling and allocation;the cryptographic reinforcement layer used the national secret algorithm based on hardware support with the help of public key crypto-system,hash function,digital envelope,homomorphic encryption,blockchain and other technologies.Focusing on arithmetic network access security,transmission security,data security and privacy protection aspects of security im-plementation.An architecture and application form was innovatively proposed to guarantee the data security of the arithmetic network,which could meet the needs of the application layer arithmetic in the scenarios of big data,intel-ligent technology,etc..The security of the arithmetic network is enhanced by empowering the arithmetic network through the state-secret algorithm.
作者
潘洁
叶兰
张鹏飞
卜忠贵
PAN Jie;YE Lan;ZHANG Pengfei;BU Zhonggui(China Mobile Group Design Institute Co.,Ltd.,Beijing 100080,China;China Mobile Group,Beijing 100032,China)
出处
《电信科学》
2023年第8期157-166,共10页
Telecommunications Science
关键词
算力网络
国密算法
隐私保护
同态加密
区块链
compute first networking
national secret algorithm
privacy protection
fully homomorphic encryption
blockchain