网络与信息安全学报 (Jun 2024)

Collaborative security assessment of cloud-edge-device distributed systems based on order parameters

  • FAN Qigang,
  • JIANG Zhongyuan,
  • LI Xinghua,
  • MA Jianfeng

Journal volume & issue
Vol. 10
pp. 38 – 51

Abstract

Read online

Distributed computing systems based on cloud-edge-device have been successfully serving thousands of applications and have become mainstream, characterized by a wide audience, high user experience requirements, and high security expectations. However, in recent years, frequent attacks on cloud-edge-device systems have resulted in serious security risks and significant economic losses for users. The defense mechanisms of cloud-edge-device systems have been found to operate independently, leading to major differences in the ability to resist risks, which makes it difficult to eliminate global security risks. Security measures of the pre-configuration and post-event remedy type have been found to hardly meet the security needs of high-load and high real-time in cloud-edge-device collaborative networks. The root cause has been identified as the hierarchical architecture of cloud-edge-device systems being separate, and no effective collaborative defense system has been formed, leading to problems such as difficult cross-domain security governance, poor real-time performance, and difficult collaborative consistency evaluation. Firstly, a cloud-edge-device collaborative security architecture that integrates real-time perception, dynamic decision, and proactive defense was proposed. The cloud-edge-device security collaboration capability was established through rigorous theoretical consistency proofs. Secondly, a collaborative security assessment model based on the order parameter was put forward to achieve consistency of risk perception, decision, and defense. In this way, the efficient and low-cost collaborative protection of security risks could be realized to maximize systemic security benefits. Finally, the consistency theory and assessment method were verified through simulations. The results show that the proposed collaborative security system and consistency evaluation model are correct and effective.

Keywords