CN113162985B - Edge resource lightweight containerization integration and hierarchical domain sharing method and system - Google Patents

Edge resource lightweight containerization integration and hierarchical domain sharing method and system Download PDF

Info

Publication number
CN113162985B
CN113162985B CN202110322260.0A CN202110322260A CN113162985B CN 113162985 B CN113162985 B CN 113162985B CN 202110322260 A CN202110322260 A CN 202110322260A CN 113162985 B CN113162985 B CN 113162985B
Authority
CN
China
Prior art keywords
edge
data
edge resource
evaluation
value
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110322260.0A
Other languages
Chinese (zh)
Other versions
CN113162985A (en
Inventor
王军平
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Saibo Yunrui Intelligent Technology Co ltd
Original Assignee
Beijing Saibo Yunrui Intelligent Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Saibo Yunrui Intelligent Technology Co ltd filed Critical Beijing Saibo Yunrui Intelligent Technology Co ltd
Priority to CN202110322260.0A priority Critical patent/CN113162985B/en
Publication of CN113162985A publication Critical patent/CN113162985A/en
Application granted granted Critical
Publication of CN113162985B publication Critical patent/CN113162985B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/18File system types
    • G06F16/1805Append-only file systems, e.g. using logs or journals to store data
    • G06F16/1815Journaling file systems
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Theoretical Computer Science (AREA)
  • Signal Processing (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Data Mining & Analysis (AREA)
  • Databases & Information Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention provides a method and a system for edge resource lightweight containerized integration and hierarchical domain sharing, wherein the method comprises the following steps: acquiring edge resources to be processed; integrating edge resources to be processed based on a preset lightweight container template to obtain an edge resource container; and configuring a hierarchical domain sharing rule for the edge resource container. The lightweight containerization integration and hierarchical domain sharing method for the edge resources improves the control strength of the access of the edge resources through a hierarchical domain sharing mechanism, and improves the efficiency of deploying the edge resources through containerization.

Description

Edge resource lightweight containerization integration and hierarchical domain sharing method and system
Technical Field
The invention relates to the technical field of data processing and sharing, in particular to a lightweight container integration and hierarchical domain sharing method and system for edge resources.
Background
At present, edge computing is to construct a distributed open system fusing network, computing, storage and application core capabilities on the network edge side close to an object or a data source, so as to provide intelligent services nearby and meet key requirements of manufacturing industry in aspects of agile connection, real-time service, data optimization, application intelligence, safety, privacy protection and the like.
With the continuous improvement of the informatization construction level, the operation and maintenance environment is increasingly complex, so that how to strengthen the access control strength on the edge resources of the user on the premise of ensuring that the original edge calculation is not influenced becomes a problem to be solved urgently.
Disclosure of Invention
One of the objectives of the present invention is to provide a lightweight containerization integration and hierarchical domain sharing method for edge resources, which improves the control strength of access to the edge resources through a hierarchical domain sharing mechanism, and improves the efficiency of deploying the edge resources through containerization.
The embodiment of the invention provides a lightweight containerization integration and hierarchical domain sharing method for edge resources, which comprises the following steps:
acquiring edge resources to be processed;
integrating edge resources to be processed based on a preset lightweight container template to obtain an edge resource container;
and configuring a hierarchical domain sharing rule for the edge resource container.
Preferably, the edge resource to be processed includes: one or more of an edge gateway module, an edge cloud module, a log management module and a safety control module are combined;
the edge gateway module is used for realizing the data communication function of edge calculation;
the edge cloud module is used for data acquisition, data management, data exchange and data source management;
the log management module is used for managing the operations of storing, analyzing, backing up and referring to the daily operation behavior record log;
the security control module is used for checking a source address, a destination address, a source port, a destination port and a protocol through an ACL detection mechanism so as to allow or deny data to enter or exit.
Preferably, integrating the edge resource to be processed based on a preset lightweight container template to obtain the edge resource container includes:
verifying the integrity of the edge resource to be processed;
when the verification passes, integrating based on the lightweight container template;
and when the verification fails, outputting the type information of the missing resource.
Preferably, the configuring the hierarchical domain sharing rule for the edge resource container includes:
setting sharing times for the edge resource container;
and/or the presence of a gas in the gas,
setting a sharing area for the edge resource container;
and/or the presence of a gas in the gas,
and setting sharing authority for the edge resource container.
Preferably, the method for lightweight containerization integration and hierarchical domain sharing of edge resources further includes:
acquiring a shared information record of an edge resource container;
determining an available value of the edge resource container based on the shared information record;
when the available value is smaller than a preset threshold value, the sharing of the edge resource container is cancelled;
wherein determining available values for the edge resource containers based on the shared information records comprises:
analyzing the shared information record, acquiring the downloading times of the edge resource container in a preset first time period, and acquiring a target user for downloading the edge resource container;
sending a usage information query to a target user;
receiving feedback information of a target user for using information query;
analyzing the feedback information to obtain the use data of the edge resource container; the usage data includes: length of use, is now in use, has unloaded one or more combinations thereof;
identifying the use data of the target users based on a preset use data identification model, and acquiring data values corresponding to the use data of each target user;
constructing a use matrix of the edge resource container based on the data values of all the target users;
determining a first correlation value based on the usage matrix and the download times, wherein the calculation formula is as follows:
Figure GDA0003679116170000031
wherein A is a first correlation value; a. The 0 The number of downloads; a is i The ith data value in the matrix is used;
Figure GDA0003679116170000032
the preset credit weight of the target user corresponding to the ith data value in the use matrix; theta 1 、θ 2 Is a preset weight coefficient; n is the total number of data in the use matrix;
analyzing the shared information record to obtain the evaluation of the target user on the edge resource container;
identifying the evaluation of the target user on the edge resource container based on a preset evaluation identification model, and acquiring an evaluation value;
verifying the evaluation value based on the usage data; deleting the evaluation value when the verification fails;
constructing an evaluation matrix based on all the evaluation values passing the verification;
determining a second correlation value based on the evaluation matrix, wherein the calculation formula is as follows:
Figure GDA0003679116170000033
wherein B is a second correlation value, B j Is the jth evaluation value in the evaluation matrix;
Figure GDA0003679116170000034
the preset credit weight of the target user corresponding to the jth evaluation value in the evaluation matrix is obtained; n is the total number of data in the evaluation matrix;
determining an available value based on the first correlation value and the second correlation value, and calculating as follows:
K=μ 1 A+μ 2 B;
wherein K is a usable value; mu.s 1 、μ 2 Is a preset weight, mu 12 =1。
Preferably, verifying the evaluation value based on the usage data includes:
acquiring a preset verification library; the first vectors in the verification library correspond to the verification matrixes one by one;
constructing a second vector based on the usage data;
and calculating the matching degree of the first vector and the second vector, wherein the calculation formula is as follows:
Figure GDA0003679116170000041
wherein P is the degree of matching, x k Is the kth parameter value of the first vector; y is k Is the kth parameter value of the second vector; m is the total number of data in the first vector or the total number of data in the second vector;
acquiring a verification matrix corresponding to the maximum matching degree in a verification library;
when the evaluation value exists in the verification matrix, the verification is passed; when the evaluation value does not exist with the verification matrix, the verification is not passed.
Preferably, the method for integrating edge resource lightweight containerization and sharing hierarchical domains further includes:
when a cross-level and cross-domain obtaining instruction of a user is received, obtaining a cross-level and cross-domain authority of the user;
verifying the cross-level and cross-domain authority, and acquiring a domain list which is allowed to be acquired by a user when the verification is passed;
providing a sharing service for the user based on the domain list;
wherein, verifying the cross-level and cross-domain authority comprises:
sending inquiry instructions to other users in the domain where the users are located;
receiving response information of other users to the inquiry instruction; the response information comprises the authority verification information of the user pre-stored on the equipment of other users;
analyzing the response information to obtain authority verification information;
and when the authority verification information of all other users is consistent, verifying the cross-level and cross-domain authority based on the authority verification information.
The invention also provides a lightweight containerization integration and hierarchical domain sharing system for edge resources, which comprises:
the acquisition module is used for acquiring edge resources to be processed;
the integration module is used for integrating the edge resources to be processed based on a preset lightweight container template to obtain an edge resource container;
and the configuration module is used for configuring a hierarchical domain sharing rule for the edge resource container.
Preferably, the edge resource to be processed includes: one or more of an edge gateway module, an edge cloud module, a log management module and a safety control module are combined;
the edge gateway module is used for realizing the data communication function of edge calculation;
the edge cloud module is used for data acquisition, data management, data exchange and data source management;
the log management module is used for managing the operations of storing, analyzing, backing up and referring to the daily operation behavior record log;
the security control module is used for checking a source address, a destination address, a source port, a destination port and a protocol through an ACL detection mechanism so as to allow or deny data to enter or exit.
Preferably, integrating the edge resource to be processed based on a preset lightweight container template to obtain the edge resource container includes:
verifying the integrity of the edge resource to be processed;
when the verification passes, integrating based on the lightweight container template;
and when the verification fails, outputting the type information of the missing resource.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
The technical solution of the present invention is further described in detail by the accompanying drawings and embodiments.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention. In the drawings:
fig. 1 is a schematic diagram of an edge resource lightweight containerization integration and hierarchical domain sharing method according to an embodiment of the present invention.
Detailed Description
The preferred embodiments of the present invention will be described in conjunction with the accompanying drawings, and it will be understood that they are described herein for the purpose of illustration and explanation and not limitation.
The embodiment of the invention provides a method for edge resource lightweight containerization integration and hierarchical domain sharing, which comprises the following steps of:
step S1: acquiring edge resources to be processed;
step S2: integrating edge resources to be processed based on a preset lightweight container template to obtain an edge resource container;
and step S3: and configuring a hierarchical domain sharing rule for the edge resource container.
The working principle and the beneficial effects of the technical scheme are as follows:
the edge resource is subjected to lightweight containerization to form an edge resource container, namely, various module files used by the edge resource are integrated, and the integration can be specifically expressed as mirror image files of the edge resource container, and then a hierarchical domain sharing rule is configured, so that the edge resource container can be shared in the hierarchy and the domains where the edge resource to be processed is located; users in the same classification and domain can obtain the edge resource container, the security of the edge resource container is improved based on a classification and domain sharing mechanism, and the data security is improved. By integrating the edge resources, the efficiency of system configuration after the user downloads is improved.
In one embodiment, the pending edge resources include: one or more of an edge gateway module, an edge cloud module, a log management module and a safety control module are combined;
the edge gateway module is used for realizing the data communication function of edge calculation;
the edge cloud module is used for data acquisition, data management, data exchange and data source management;
the log management module is used for managing the operations of storing, analyzing, backing up and referring to the daily operation behavior record log;
the security control module is used for checking a source address, a destination address, a source port, a destination port and a protocol through an ACL detection mechanism so as to allow or reject data to enter and exit.
The working principle and the beneficial effects of the technical scheme are as follows:
the edge computing is realized according to the edge gateway module, the edge cloud module, the log management module and the safety control module, and after containerization integration, rapid deployment in a new operating environment is realized.
In one embodiment, integrating edge resources to be processed based on a preset lightweight container template to obtain an edge resource container includes:
verifying the integrity of the edge resource to be processed;
when the verification passes, integrating based on the lightweight container template;
and when the verification fails, outputting the type information of the missing resource.
The working principle and the beneficial effects of the technical scheme are as follows:
when containerization integration is carried out, firstly, integrity is verified, and the requirement of edge calculation can be met after containerization integration is ensured; during integration, integration is mainly carried out on the basis of a lightweight container template, so that rapid integration is realized; and when the integrity verification fails, outputting the type information of the missing resources, and completing by the provider of the edge resources to be processed, or completing according to the edge resources to be processed from a preset resource library.
In one embodiment, configuring a hierarchical domain sharing rule for an edge resource container includes:
setting sharing times for the edge resource container;
and/or the presence of a gas in the atmosphere,
setting a sharing area for the edge resource container;
and/or the presence of a gas in the gas,
and setting sharing authority for the edge resource container.
The working principle and the beneficial effects of the technical scheme are as follows:
the sharing rules include: the sharing times, the sharing areas, the sharing authority levels and the like are based on the sharing times, namely the sharing times are reduced by one every time the edge resource container is downloaded, and when the sharing times are zero, the sharing of the edge resource container is cancelled. The user can download the edge resource container only in the range of the shared area; and the user can download the file only when the authority level of the user meets the sharing authority.
In one embodiment, the method for integrating edge resource lightweight containerization and sharing hierarchical domains further comprises the following steps:
acquiring a shared information record of an edge resource container;
determining an available value of the edge resource container based on the shared information record;
when the available value is smaller than a preset threshold value, the sharing of the edge resource container is cancelled;
wherein determining available values for the edge resource container based on the shared information record comprises:
analyzing the shared information record, acquiring the downloading times of the edge resource container in a preset first time period, and acquiring a target user for downloading the edge resource container;
sending a usage information query to a target user;
receiving feedback information of a target user for using information query;
analyzing the feedback information to obtain the use data of the edge resource container; the usage data includes: length of use, is now in use, has unloaded one or more combinations thereof;
identifying the use data of the target users based on a preset use data identification model, and acquiring data values corresponding to the use data of each target user;
constructing a use matrix of the edge resource container based on the data values of all the target users;
determining a first correlation value based on the usage matrix and the download times, wherein the calculation formula is as follows:
Figure GDA0003679116170000081
wherein A is a first correlation value; a. The 0 The number of downloads; a is i Is the ith data value in the use matrix;
Figure GDA0003679116170000084
the preset credit weight of the target user corresponding to the ith data value in the use matrix; theta.theta. 1 、θ 2 Is preset toThe weight coefficient of (a); n is the total number of data in the use matrix;
analyzing the shared information record to obtain the evaluation of the target user on the edge resource container;
identifying the evaluation of the target user on the edge resource container based on a preset evaluation identification model, and acquiring an evaluation value;
verifying the evaluation value based on the usage data; deleting the evaluation value when the verification fails;
constructing an evaluation matrix based on all the evaluation values passing the verification;
determining a second correlation value based on the evaluation matrix, wherein the calculation formula is as follows:
Figure GDA0003679116170000082
wherein B is a second correlation value, B j Is the jth evaluation value in the evaluation matrix;
Figure GDA0003679116170000083
the preset credit weight of the target user corresponding to the jth evaluation value in the evaluation matrix is obtained; n is the total number of data in the evaluation matrix;
determining an available value based on the first correlation value and the second correlation value, the calculation formula is as follows:
K=μ 1 A+μ 2 B;
wherein K is a usable value; mu.s 1 、μ 2 Is a preset weight, mu 12 =1。
The working principle and the beneficial effects of the technical scheme are as follows:
and in the sharing process of the edge resource container, tracking and monitoring the shared information record, and determining the available value of the edge resource container based on the shared information record so as to determine whether to continue sharing. And by eliminating the containers with smaller available values, the shared resources are released, and the optimization of the resources is realized. Starting from two aspects in determining the available value of the edge resource container, wherein the first aspect is starting from the conditions of downloading and using the edge resource container after downloading; the second aspect is feedback of the user for using the edge resource container, the first aspect is analysis from an objective factor, and the second aspect is analysis from a subjective factor; the subjective and objective factors are combined, and the evaluation on the edge resource container is more accurate.
In one embodiment, verifying the evaluation value based on the usage data includes:
acquiring a preset verification library; the first vectors in the verification library correspond to the verification matrixes one by one;
constructing a second vector based on the usage data;
and calculating the matching degree of the first vector and the second vector, wherein the calculation formula is as follows:
Figure GDA0003679116170000091
wherein P is the degree of matching, x k Is the kth parameter value of the first vector; y is k Is the kth parameter value of the second vector; m is the total number of data in the first vector or the total number of data in the second vector;
acquiring a verification matrix corresponding to the maximum matching degree in a verification library;
when the evaluation value exists in the verification matrix, the verification is passed; when the evaluation value does not exist with the verification matrix, the verification is not passed.
The working principle and the beneficial effects of the technical scheme are as follows:
the use data can reflect the evaluation of the user to a certain extent, and the use data is used for evaluation value verification, so that the situation that the user uses the edge resource container all the time and gives relatively poor evaluation while avoiding and evaluation inconsistent with the use data can be avoided, and the accuracy of the evaluation of the edge resource container from the subjective aspect is improved.
In one embodiment, the method for lightweight containerization integration and hierarchical domain sharing of edge resources further comprises:
when a cross-level and cross-domain acquisition instruction of a user is received, acquiring a cross-level and cross-domain authority of the user;
verifying the cross-level and cross-domain authority, and acquiring a domain list which is allowed to be acquired by a user when the verification is passed;
providing a sharing service for the user based on the domain list;
wherein, verifying the cross-level and cross-domain authority comprises:
sending inquiry instructions to other users in the domain where the users are located;
receiving response information of other users to the inquiry command; the response information comprises the authority verification information of the user pre-stored on the equipment of other users;
analyzing the response information to obtain authority verification information;
and when the authority verification information of all other users is consistent, verifying the cross-level and cross-domain authority based on the authority verification information.
The working principle and the beneficial effects of the technical scheme are as follows:
by setting the cross-level cross-domain authority, the cross-domain sharing is realized for the supplement of the grading and domain-division sharing; the acquisition of cross-level and cross-domain rights can be allocated by the system, for example, once a month; or, the user initiates a cross-level cross-domain application in the domain where the user is located, and whether the user gives a cross-level cross-domain authority is determined by voting of other users. After the application, the cross-level and cross-domain authority needs to be verified, so that the authority tampering is prevented, the difficulty of the authority tampering is increased based on the verification of all the users in the domain, and the safety of the authority is improved.
The invention also provides a lightweight containerization integration and hierarchical domain sharing system for edge resources, which comprises:
the acquisition module is used for acquiring edge resources to be processed;
the integration module is used for integrating the edge resources to be processed based on a preset lightweight container template to obtain an edge resource container;
and the configuration module is used for configuring a hierarchical domain sharing rule for the edge resource container.
The working principle and the beneficial effects of the technical scheme are as follows:
the edge resource is subjected to lightweight containerization to form an edge resource container, namely, various module files used by the edge resource are integrated and can be specifically represented as mirror images of the edge resource container, and then a hierarchical domain sharing rule is configured, so that the edge resource container can be shared in the hierarchy and the domains where the edge resource to be processed is located; users in the same classification and domain can obtain the edge resource container, the security of the edge resource container is improved based on a classification and domain sharing mechanism, and the data security is improved. By integrating the edge resources, the efficiency of system configuration after the user downloads is improved.
In one embodiment, the pending edge resources include: one or more of an edge gateway module, an edge cloud module, a log management module and a safety control module are combined;
the edge gateway module is used for realizing the data communication function of edge calculation;
the edge cloud module is used for data acquisition, data management, data exchange and data source management;
the log management module is used for managing the operations of storing, analyzing, backing up and referring to the daily operation behavior record log;
the security control module is used for checking a source address, a destination address, a source port, a destination port and a protocol through an ACL detection mechanism so as to allow or reject data to enter and exit.
The working principle and the beneficial effects of the technical scheme are as follows:
the edge computing is realized according to the edge gateway module, the edge cloud module, the log management module and the safety control module, and after containerization integration, rapid deployment in a new operating environment is realized.
In one embodiment, integrating edge resources to be processed based on a preset lightweight container template to obtain an edge resource container includes:
verifying the integrity of the edge resource to be processed;
when the verification passes, integrating based on the lightweight container template;
and when the verification fails, outputting the type information of the missing resource.
The working principle and the beneficial effects of the technical scheme are as follows:
when containerization integration is carried out, firstly, integrity is verified, and the requirement of edge calculation can be met after containerization integration is ensured; during integration, integration is mainly carried out on the basis of a lightweight container template, so that rapid integration is realized; and when the integrity verification fails, outputting the type information of the missing resources, and completing by the provider of the edge resources to be processed, or completing according to the edge resources to be processed from a preset resource library.
In one embodiment, configuring a hierarchical domain sharing rule for an edge resource container includes:
setting sharing times for the edge resource container;
and/or the presence of a gas in the gas,
setting a shared area for the edge resource container;
and/or the presence of a gas in the atmosphere,
and setting sharing authority for the edge resource container.
The working principle and the beneficial effects of the technical scheme are as follows:
the sharing rules include: the sharing times, the sharing areas, the sharing authority levels and the like are based on the sharing times, namely the sharing times are reduced by one every time the edge resource containers are downloaded, and when the sharing times return to zero, the sharing of the edge resource containers is cancelled. The user can download the edge resource container only in the range of the shared area; and the user's permission level is in accordance with the sharing permission.
In one embodiment, the edge resource lightweight containerization integration and hierarchical domain sharing system further comprises: the monitoring module is shared by the two modules,
the shared monitoring module performs the following operations:
acquiring a shared information record of an edge resource container;
determining an available value of the edge resource container based on the shared information record;
when the available value is smaller than a preset threshold value, the sharing of the edge resource container is cancelled;
wherein determining available values for the edge resource container based on the shared information record comprises:
analyzing the shared information record, acquiring the downloading times of the edge resource container in a preset first time period, and acquiring a target user for downloading the edge resource container;
sending a usage information query to a target user;
receiving feedback information of a target user for using information query;
analyzing the feedback information to obtain the use data of the edge resource container; the usage data includes: length of use, is now in use, has unloaded one or more combinations thereof;
identifying the use data of the target users based on a preset use data identification model, and acquiring data values corresponding to the use data of each target user;
constructing a use matrix of the edge resource container based on the data values of all the target users;
determining a first correlation value based on the usage matrix and the download times, wherein the calculation formula is as follows:
Figure GDA0003679116170000131
wherein A is a first correlation value; a. The 0 The number of downloads; a is i The ith data value in the matrix is used;
Figure GDA0003679116170000132
the preset credit weight of the target user corresponding to the ith data value in the use matrix; theta.theta. 1 、θ 2 Is a preset weight coefficient; n is the total number of data in the use matrix;
analyzing the shared information record to obtain the evaluation of the target user on the edge resource container;
identifying the evaluation of the target user on the edge resource container based on a preset evaluation identification model, and acquiring an evaluation value;
verifying the evaluation value based on the usage data; deleting the evaluation value when the verification fails;
constructing an evaluation matrix based on all verified evaluation values;
and determining a second correlation value based on the evaluation matrix, wherein the calculation formula is as follows:
Figure GDA0003679116170000133
wherein B is a second correlation value, B j Is the jth evaluation value in the evaluation matrix;
Figure GDA0003679116170000134
the preset credit weight of the target user corresponding to the jth evaluation value in the evaluation matrix is obtained; n is the total number of data in the evaluation matrix;
determining an available value based on the first correlation value and the second correlation value, the calculation formula is as follows:
K=μ 1 A+μ 2 B;
wherein K is a usable value; mu.s 1 、μ 2 Is a preset weight, mu 12 =1。
The working principle and the beneficial effects of the technical scheme are as follows:
and in the process of sharing the edge resource container, tracking and monitoring the shared information record, and determining the available value of the edge resource container based on the shared information record so as to determine whether to continue sharing. And by eliminating the containers with smaller available values, the shared resources are released, and the optimization of the resources is realized. Starting from two aspects in determining the available value of the edge resource container, wherein the first aspect is starting from the conditions of downloading and using the edge resource container after downloading; the second aspect is feedback of the user to use the edge resource container, the first aspect is analysis from objective factors, and the second aspect is analysis from subjective factors; subjective factors and objective factors are integrated, and the evaluation on the edge resource container is more accurate.
In one embodiment, verifying the evaluation value based on the usage data includes:
acquiring a preset verification library; the first vectors in the verification library correspond to the verification matrixes one by one;
constructing a second vector based on the usage data;
and calculating the matching degree of the first vector and the second vector, wherein the calculation formula is as follows:
Figure GDA0003679116170000141
wherein P is the degree of matching, x k Is the kth parameter value of the first vector; y is k Is the kth parameter value of the second vector; m is the total number of data in the first vector or the total number of data in the second vector;
acquiring a verification matrix corresponding to the maximum matching degree in a verification library;
when the evaluation value exists in the verification matrix, the verification is passed; when the evaluation value does not exist with the verification matrix, the verification is not passed.
The working principle and the beneficial effects of the technical scheme are as follows:
the use data can reflect the evaluation of the user to a certain extent, and the use data is used for evaluation value verification, so that the situation that the user uses the edge resource container all the time and gives relatively poor evaluation while giving evaluation and evaluation inconsistent with the use data can be avoided, and the accuracy of evaluation on the edge resource container from a subjective level is improved.
In one embodiment, the edge resource lightweight containerization integration and hierarchical domain sharing system further comprises: a cross-domain sharing module;
the cross-domain sharing module performs the following operations:
when a cross-level and cross-domain acquisition instruction of a user is received, acquiring a cross-level and cross-domain authority of the user;
verifying the cross-level and cross-domain authority, and acquiring a domain list which is allowed to be acquired by a user when the verification is passed;
providing a sharing service for the user based on the domain list;
wherein, verifying the cross-level and cross-domain authority comprises:
sending inquiry instructions to other users in the domain where the users are located;
receiving response information of other users to the inquiry instruction; the response information comprises authority verification information of the user pre-stored on the equipment of other users;
analyzing the response information to obtain authority verification information;
and when the authority verification information of all other users is consistent, verifying the cross-level cross-domain authority based on the authority verification information.
The working principle and the beneficial effects of the technical scheme are as follows:
by setting the cross-level cross-domain authority, the cross-domain sharing is realized for the supplement of the grading and domain-division sharing; the acquisition of cross-level and cross-domain rights can be allocated by the system, for example, once a month; or, the user initiates a cross-level and cross-domain application in the domain where the user is located, and whether the user gives a cross-level and cross-domain authority is determined by voting of other users. After the application, the cross-level and cross-domain authority needs to be verified, so that the authority tampering is prevented, the difficulty of the authority tampering is increased based on the verification of all the users in the domain, and the safety of the authority is improved.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include such modifications and variations.

Claims (9)

1. A method for edge resource lightweight containerization integration and hierarchical domain sharing is characterized by comprising the following steps:
acquiring edge resources to be processed;
integrating the edge resources to be processed based on a preset lightweight container template to obtain an edge resource container;
configuring a hierarchical domain sharing rule for the edge resource container;
acquiring a shared information record of the edge resource container;
determining an available value of the edge resource container based on the shared information record;
when the available value is smaller than a preset threshold value, cancelling the sharing of the edge resource container;
wherein determining an available value of the edge resource container based on the shared information record comprises:
analyzing the shared information record, acquiring the downloading times of the edge resource container in a preset first time period, and acquiring a target user for downloading the edge resource container;
sending a usage information query to the target user;
receiving feedback information of the target user for the use information query;
analyzing the feedback information to obtain the use data of the edge resource container; the usage data includes: length of use, is now in use, has unloaded one or more combinations thereof;
identifying the use data of the target users based on a preset use data identification model, and acquiring data values corresponding to the use data of the target users;
constructing a use matrix of the edge resource container based on all the data values of the target users;
determining a first correlation value based on the usage matrix and the download times, wherein the calculation formula is as follows:
Figure DEST_PATH_IMAGE002
;
wherein the content of the first and second substances,
Figure DEST_PATH_IMAGE004
is the first correlation value;
Figure DEST_PATH_IMAGE006
the number of downloads is the number of times;
Figure DEST_PATH_IMAGE008
as the first in the usage matrix
Figure DEST_PATH_IMAGE010
A data value;
Figure DEST_PATH_IMAGE012
as the first in the usage matrix
Figure 34344DEST_PATH_IMAGE010
The preset credit weight of the target user corresponding to the data value;
Figure DEST_PATH_IMAGE014
Figure DEST_PATH_IMAGE016
is a preset weight coefficient;
Figure DEST_PATH_IMAGE018
the total number of data in the use matrix;
analyzing the shared information record to obtain the evaluation of the target user on the edge resource container;
identifying the evaluation of the target user on the edge resource container based on a preset evaluation identification model, and acquiring an evaluation value;
verifying the evaluation value based on the usage data; deleting the evaluation value when the verification fails;
constructing an evaluation matrix based on all the evaluation values passing the verification;
determining a second correlation value based on the evaluation matrix, wherein the calculation formula is as follows:
Figure DEST_PATH_IMAGE020
;
wherein, the first and the second end of the pipe are connected with each other,
Figure DEST_PATH_IMAGE022
for the purpose of said second correlation value,
Figure DEST_PATH_IMAGE024
is the first in the evaluation matrix
Figure DEST_PATH_IMAGE026
The evaluation value;
Figure DEST_PATH_IMAGE028
is the first in the evaluation matrix
Figure 387703DEST_PATH_IMAGE026
The preset credit weight of the target user corresponding to each evaluation value; n is the total number of data in the evaluation matrix;
determining the available value based on the first correlation value and the second correlation value, the calculation formula being as follows:
Figure DEST_PATH_IMAGE030
wherein the content of the first and second substances,
Figure DEST_PATH_IMAGE032
is the usable value;
Figure DEST_PATH_IMAGE034
Figure DEST_PATH_IMAGE036
is a pre-set weight, and is,
Figure DEST_PATH_IMAGE038
2. the method of lightweight containerized integration of edge resources and hierarchical domain sharing of claim 1 wherein the edge resources to be processed comprise: one or more of an edge gateway module, an edge cloud module, a log management module and a safety control module are combined;
the edge gateway module is used for realizing the data communication function of edge calculation;
the edge cloud module is used for data acquisition, data management, data exchange and data source management;
the log management module is used for managing the operations of storing, analyzing, backing up and referring to the daily operation behavior record log;
the security control module is used for checking a source address, a destination address, a source port, a destination port and a protocol through an ACL detection mechanism so as to allow or reject data to enter and exit.
3. The edge resource lightweight containerization integration and hierarchical domain sharing method of claim 1, wherein the integrating the edge resources to be processed based on a preset lightweight container template to obtain an edge resource container comprises:
verifying the integrity of the edge resource to be processed;
when the verification is passed, integrating based on the lightweight container template;
and when the verification fails, outputting the type information of the missing resource.
4. The method for lightweight container integration and hierarchical domain sharing of edge resources according to claim 1, wherein said configuring the hierarchical domain sharing rules for the edge resource container comprises:
setting sharing times for the edge resource container;
and/or the presence of a gas in the gas,
setting a shared area for the edge resource container;
and/or the presence of a gas in the gas,
and setting sharing permission for the edge resource container.
5. The edge resource lightweight containerization integration and hierarchical domain sharing method of claim 4, wherein the verifying the rating value based on the usage data comprises:
acquiring a preset verification library; the first vectors in the verification library correspond to the verification matrixes one by one;
constructing a second vector based on the usage data;
calculating the matching degree of the first vector and the second vector, wherein the calculation formula is as follows:
Figure DEST_PATH_IMAGE040
wherein the content of the first and second substances,
Figure DEST_PATH_IMAGE042
in order to be said degree of matching,
Figure DEST_PATH_IMAGE044
is the first vector of
Figure DEST_PATH_IMAGE046
A parameter value;
Figure DEST_PATH_IMAGE048
is the second vector of the second vector
Figure 949132DEST_PATH_IMAGE046
A parameter value;
Figure DEST_PATH_IMAGE050
is the total number of data in the first vector or the total number of data in the second vector;
acquiring the verification matrix corresponding to the maximum matching degree in the verification library;
when the evaluation value exists in the verification matrix, the verification is passed; when the evaluation value does not exist in the verification matrix, the verification is not passed.
6. The edge resource lightweight containerization integration and hierarchical domain sharing method of claim 1, further comprising:
when a cross-level and cross-domain acquisition instruction of a user is received, acquiring a cross-level and cross-domain authority of the user;
verifying the cross-level and cross-domain authority, and acquiring a domain list which is allowed to be acquired by a user when the verification is passed;
providing a sharing service for the user based on the domain list;
wherein, verifying the cross-level and cross-domain authority comprises:
sending inquiry instructions to other users in the domain where the users are located;
receiving response information of the other users to the query instruction; the response information comprises the authority verification information of the user pre-stored on the equipment of other users;
analyzing the response information to obtain the authority verification information;
and when the authority verification information of all the other users is consistent, verifying the cross-level and cross-domain authority based on the authority verification information.
7. An edge resource lightweight containerization integration and hierarchical domain sharing system, comprising:
the acquisition module is used for acquiring edge resources to be processed;
the integration module is used for integrating the edge resources to be processed based on a preset lightweight container template to obtain an edge resource container;
the configuration module is used for configuring a hierarchical domain sharing rule for the edge resource container;
the shared monitoring module is used for monitoring the operation of the mobile phone,
the shared monitoring module performs the following operations:
acquiring a shared information record of the edge resource container;
determining an available value of the edge resource container based on the shared information record;
when the available value is smaller than a preset threshold value, cancelling the sharing of the edge resource container;
wherein determining an available value of the edge resource container based on the shared information record comprises:
analyzing the shared information record, acquiring the downloading times of the edge resource container in a preset first time period, and acquiring a target user downloading the edge resource container;
sending a usage information query to the target user;
receiving feedback information of the target user for the usage information query;
analyzing the feedback information to obtain the use data of the edge resource container; the usage data includes: length of use, is now in use, has unloaded one or more combinations thereof;
identifying the use data of the target users based on a preset use data identification model, and acquiring data values corresponding to the use data of the target users;
constructing a use matrix of the edge resource container based on all the data values of the target users;
determining a first correlation value based on the usage matrix and the download times, wherein the calculation formula is as follows:
Figure 750866DEST_PATH_IMAGE002
;
wherein, the first and the second end of the pipe are connected with each other,
Figure 361976DEST_PATH_IMAGE004
is the first correlation value;
Figure 653280DEST_PATH_IMAGE006
the number of downloads is the number of times;
Figure 28636DEST_PATH_IMAGE008
is the first in the usage matrix
Figure 289853DEST_PATH_IMAGE010
A data value;
Figure 771781DEST_PATH_IMAGE012
as the first in the usage matrix
Figure 561882DEST_PATH_IMAGE010
The preset credit weight of the target user corresponding to the data value;
Figure 50632DEST_PATH_IMAGE014
Figure 833649DEST_PATH_IMAGE016
is a preset weight coefficient;
Figure 216089DEST_PATH_IMAGE018
the total number of data in the use matrix;
analyzing the shared information record to obtain the evaluation of the target user on the edge resource container;
identifying the evaluation of the target user on the edge resource container based on a preset evaluation identification model, and acquiring an evaluation value;
verifying the evaluation value based on the usage data; deleting the evaluation value when the verification fails;
constructing an evaluation matrix based on all the evaluation values passing the verification;
and determining a second correlation value based on the evaluation matrix, wherein the calculation formula is as follows:
Figure 193404DEST_PATH_IMAGE020
;
wherein the content of the first and second substances,
Figure 169450DEST_PATH_IMAGE022
in order to be said second correlation value, the correlation value,
Figure 241311DEST_PATH_IMAGE024
is the first in the evaluation matrix
Figure 733384DEST_PATH_IMAGE026
The evaluation value;
Figure 802971DEST_PATH_IMAGE028
is the first in the evaluation matrix
Figure 594210DEST_PATH_IMAGE026
The preset credit weight of the target user corresponding to each evaluation value; n is the total number of data in the evaluation matrix;
determining the available value based on the first correlation value and the second correlation value, the calculation formula is as follows:
Figure 17232DEST_PATH_IMAGE030
wherein the content of the first and second substances,
Figure 311947DEST_PATH_IMAGE032
is the usable value;
Figure 818015DEST_PATH_IMAGE034
Figure 814659DEST_PATH_IMAGE036
is a pre-set weight, and is,
Figure 290639DEST_PATH_IMAGE038
8. the edge resource lightweight containerized integration and hierarchical domain sharing system of claim 7, wherein the pending edge resource comprises: one or more of an edge gateway module, an edge cloud module, a log management module and a safety control module are combined;
the edge gateway module is used for realizing the data communication function of edge calculation;
the edge cloud module is used for data acquisition, data management, data exchange and data source management;
the log management module is used for managing the operations of storing, analyzing, backing up and referring to the daily operation behavior record log;
the security control module is used for checking a source address, a destination address, a source port, a destination port and a protocol through an ACL detection mechanism so as to allow or deny data to enter or exit.
9. The edge resource lightweight containerization integration and hierarchical domain sharing system of claim 7, wherein the integrating the edge resources to be processed based on a preset lightweight container template to obtain an edge resource container comprises:
verifying the integrity of the edge resource to be processed;
when the verification passes, integrating based on the lightweight container template;
and when the verification fails, outputting the type information of the missing resource.
CN202110322260.0A 2021-03-25 2021-03-25 Edge resource lightweight containerization integration and hierarchical domain sharing method and system Active CN113162985B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110322260.0A CN113162985B (en) 2021-03-25 2021-03-25 Edge resource lightweight containerization integration and hierarchical domain sharing method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110322260.0A CN113162985B (en) 2021-03-25 2021-03-25 Edge resource lightweight containerization integration and hierarchical domain sharing method and system

Publications (2)

Publication Number Publication Date
CN113162985A CN113162985A (en) 2021-07-23
CN113162985B true CN113162985B (en) 2022-11-25

Family

ID=76884961

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110322260.0A Active CN113162985B (en) 2021-03-25 2021-03-25 Edge resource lightweight containerization integration and hierarchical domain sharing method and system

Country Status (1)

Country Link
CN (1) CN113162985B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018126387A1 (en) * 2017-01-05 2018-07-12 深圳市前海中康汇融信息技术有限公司 Database sharing management system
WO2020207264A1 (en) * 2019-04-08 2020-10-15 阿里巴巴集团控股有限公司 Network system, service provision and resource scheduling method, device, and storage medium
WO2021011308A1 (en) * 2019-07-18 2021-01-21 Equifax Inc. Secure resource management to prevent fraudulent resource access

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107231336A (en) * 2016-03-25 2017-10-03 中兴通讯股份有限公司 A kind of access control method, device and the gateway device of LAN Intranet resource
SE545262C2 (en) * 2019-07-03 2023-06-13 Telia Co Ab A method and a device comprising an edge cloud agent for providing a service
CN110737442B (en) * 2019-09-24 2021-06-22 厦门网宿有限公司 Edge application management method and system
CN110838939B (en) * 2019-10-11 2022-04-08 许继集团有限公司 Scheduling method based on lightweight container and edge Internet of things management platform

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018126387A1 (en) * 2017-01-05 2018-07-12 深圳市前海中康汇融信息技术有限公司 Database sharing management system
WO2020207264A1 (en) * 2019-04-08 2020-10-15 阿里巴巴集团控股有限公司 Network system, service provision and resource scheduling method, device, and storage medium
WO2021011308A1 (en) * 2019-07-18 2021-01-21 Equifax Inc. Secure resource management to prevent fraudulent resource access

Also Published As

Publication number Publication date
CN113162985A (en) 2021-07-23

Similar Documents

Publication Publication Date Title
Rathee et al. A secure communicating things network framework for industrial IoT using blockchain technology
CN116938558A (en) Computer implemented method for providing access to each node of a network and core network access system
US20210084109A1 (en) Content management system
US20120042354A1 (en) Entitlement conflict enforcement
CN114363352B (en) Cross-chain interaction method of Internet of things system based on block chain
CN103414585A (en) Method and device for building safety baselines of service system
US10192262B2 (en) System for periodically updating backings for resource requests
US10282461B2 (en) Structure-based entity analysis
CN110851872A (en) Risk assessment method and device for private data leakage
Labib et al. Trustworthiness in iot–a standards gap analysis on security, data protection and privacy
US10013237B2 (en) Automated approval
US20240037570A1 (en) Method for managing, evaluating and improving identity governance and administration
US11552985B2 (en) Method for predicting events using a joint representation of different feature types
CN113162985B (en) Edge resource lightweight containerization integration and hierarchical domain sharing method and system
WO2023241366A1 (en) Data processing method and system, and electronic device and computer-readable storage medium
CN112653697A (en) Access request processing method based on cloud computing and block chain and cloud service center
Shaaban et al. Toward applying the iec 62443 in the uas for secure civil applications
US20240163299A1 (en) Email security diagnosis device based on quantitative analysis of threat elements, and operation method thereof
GLAVAN et al. Multi-access edge computing analysis of risks and security measures
CN105376265A (en) Use method and use device of network exhaustible resource
US11693404B2 (en) Trusted autonomy framework for unmanned aerial systems
Sacanamboy et al. Combined performance and risk analysis for border management applications
Artych et al. Security constraints for placement of latency sensitive 5G MEC applications
Ramos et al. Privacy AwarenessforIoT Platforms: BRAIN-IoT Approach
Lobo et al. On security policy migrations

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant