CN112511567A - Method and device for managing secret communication priority of intelligent security chip - Google Patents
Method and device for managing secret communication priority of intelligent security chip Download PDFInfo
- Publication number
- CN112511567A CN112511567A CN202110159850.6A CN202110159850A CN112511567A CN 112511567 A CN112511567 A CN 112511567A CN 202110159850 A CN202110159850 A CN 202110159850A CN 112511567 A CN112511567 A CN 112511567A
- Authority
- CN
- China
- Prior art keywords
- evaluation
- link
- priority
- links
- network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/60—Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
- H04L67/61—Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources taking into account QoS or priority requirements
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a method and a device for managing the confidential communication priority of an intelligent security chip; the invention establishes the integral influence evaluation value of the encryption and decryption link according to the correlation between the encryption and decryption calculation link of the data stream and other processing transmission links, and realizes the management of the encryption and decryption calculation of the data stream in the aspects of time sequence and resource allocation by the intelligent security chip according to the integral influence evaluation value and the priority of the data stream.
Description
Technical Field
The invention relates to the technical field of secret communication, in particular to a method and a device for managing secret communication priority of an intelligent security chip.
Background
In recent years, novel applications such as internet of things, cloud computing, artificial intelligence, mobile internet and big data are continuously developed, the mobile data communication demand required by large scale and high real-time is explosively increased, and higher requirements are provided for the transmission capability of a communication system. Meanwhile, due to the appearance of new hacker technologies, more advanced electronic eavesdropping, information interception and tampering and other technologies, the safety of information is greatly threatened. Therefore, both data transmission capability and security have increasingly become factors that must be considered in the design of communication systems.
The communication system adopting the special security chip architecture is a solution for the data transmission with the requirements of large scale, high real-time performance and high security. The encryption and decryption calculation of the data stream is realized by utilizing a special security chip to provide hardware logic operation capability. Furthermore, real-time encrypted transmission of the data stream and real-time local decryption of the data stream can be achieved in the communication. The encryption and decryption calculation is executed by utilizing the special security chip, on one hand, the application of a more robust and more specialized encryption and decryption algorithm is facilitated, the independence of an encryption and decryption part in the system is enhanced, the risk of information cracking or interception is reduced, on the other hand, the embedded architecture of the security chip is adopted, the integration with other components of the communication system is convenient, and the mutual conflict influence cannot be generated.
The method comprises the steps of generally setting priority of data streams in data communication transmission; high priority data streams require lower latency and faster processing, and therefore are more computationally allocated in the case of time division multiplexing of the communication device, which is ordered earlier in time; the relatively low priority data streams are ordered later in time and may even be suspended from pause processing in order to free up timing and resources to the high priority data streams. In data communication, generally, an identifier for marking priority is set in a data stream, and the identifier is read to determine the priority of the data stream and adaptively allocate timing and resources during processing and transmission of the data stream. For the encryption and decryption calculation of the security chip, the same way is adopted in the prior art, and the time sequence and the resource configuration of the encryption and decryption calculation are arranged according to the priority of the data stream.
However, in a scenario where a security chip is used to encrypt and decrypt a data stream during communication, since encryption and decryption calculation is a necessary link, and the link is difficult to be expanded in parallel with other links of data stream processing and transmission, for example, it is difficult to perform necessary parsing and processing on the content of the frame structure of the entity data included in the data stream before performing decryption processing on the encrypted data stream. Therefore, for data streams with different priorities, the encryption and decryption calculation executed by the security chip not only needs to consider whether the timing sequence and resource configuration of the security chip are matched with the priority of the data stream, but also needs to consider whether the mutual correlation influence between the encryption and decryption calculation and other links of data stream processing and transmission is matched with the priority of the data stream as a whole. However, in the prior art, data stream encryption and decryption of the security chip are often managed as an independent link due to the independence of the hardware architecture and the processing algorithm of the security chip, and are not associated with the whole management of other links of data stream processing and transmission.
Disclosure of Invention
In view of the above problems, the present invention provides a method and apparatus for managing the security communication priority of an intelligent security chip; the invention establishes the integral influence evaluation value of the encryption and decryption link according to the correlation between the encryption and decryption calculation link of the data stream and other processing transmission links, and realizes the management of the encryption and decryption calculation of the data stream in the aspects of time sequence and resource allocation by the intelligent security chip according to the integral influence evaluation value and the priority of the data stream.
The embodiment of the invention provides a method for managing the confidential communication priority of an intelligent security chip, which comprises the following steps:
constructing a correlation network facing each link of data stream processing and transmission, and determining mutual conduction of the influence evaluation values of each link in the correlation network according to the influence evaluation values of each link and the correlation network;
determining the overall influence evaluation value of the encryption and decryption link according to the influence evaluation value of the intelligent security chip on the data stream encryption and decryption calculation link and the mutual conduction in the associated network;
determining an evaluation criterion matched with the priority of the data stream, and setting an evaluation parameter corresponding to the evaluation criterion based on the overall influence evaluation value of the encryption and decryption link;
and inputting the evaluation criterion and the evaluation parameter into a priority matching inspection model, determining the matching condition of the overall influence evaluation value of the encryption and decryption link and the priority of the data stream, and managing the time sequence resources related to the priority according to the matching condition.
In one embodiment, the constructing a correlation network for each link of data stream processing and transmission, and determining mutual conductance of the influence evaluation values of each link in the correlation network according to the influence evaluation values of each link and the correlation network, includes:
for each link in data stream transmission and processing, constructing the association network through a mechanism channel interacted by each link and corresponding weight of each mechanism channel;
and determining the mutual conduction of the influence evaluation values of all links in the associated network according to the influence evaluation values of all links and the associated network.
In one embodiment, determining the overall influence evaluation value of the encryption and decryption link specifically includes: the constructed association network and the conduction mechanism can screen and encrypt and decrypt links with non-0 mechanism channels in the association network based on the association network aiming at the encryption and decryption calculation links of the intelligent security chip to the data stream, and further form the influence evaluation values of the links into the integral influence evaluation value of the encryption and decryption links。
In one embodiment, the constructing the associated network specifically includes: the links in the transmission and processing of data streams in the whole system of the secret communication are expressed asWhereinThe set of all links isWherein, in the step (A),Mis the link scale. The expression of the associated network of the link isWherein the links are collectedVEach link in (1)Representing one network node in the associated network.Wherein,;Representing linksSubject linkA mechanistic channel of action;wherein,;Representing linksSubject linkThe magnitude of the weight of the mechanism channel of action,within a preset value rangeAn internal value.
In one embodiment, the method includes inputting the evaluation criterion and the evaluation parameter into a priority matching test model, determining a matching condition between an overall influence evaluation value of an encryption/decryption link and a priority of a data stream, and performing priority-related time sequence resource management according to the matching condition, and specifically includes:
establishing a judgment matrix based on the evaluation criterion and the evaluation parameter;
calculating the relative weight of the evaluation parameter to the evaluation criterion according to the judgment matrix, generating an index weight set based on the relative weight, and carrying out sequencing consistency check on the index weight set;
generating an evaluation index value based on the evaluation parameters and the evaluation criteria, determining a membership function according to an expert scoring method, and generating an evaluation matrix based on the evaluation index value and the membership function;
and inputting the evaluation matrix and the index weight set into the priority matching inspection model, encrypting and decrypting the matching condition of the overall influence evaluation value and the priority of the data stream, and managing the time sequence resources related to the priority according to the matching condition.
The embodiment of the invention also provides a device for managing the confidential communication priority of the intelligent security chip, which comprises the following steps:
the influence evaluation and transmission module is used for constructing a correlation network facing each link of data stream processing and transmission, and determining mutual transmission of the influence evaluation values of each link in the correlation network according to the influence evaluation values of each link and the correlation network;
the integral influence evaluation module is used for determining the integral influence evaluation value of the encryption and decryption link according to the influence evaluation value of the intelligent security chip on the data stream encryption and decryption calculation link and the mutual conduction in the associated network;
the evaluation setting module is used for determining an evaluation criterion matched with the priority of the data stream and setting an evaluation parameter corresponding to the evaluation criterion based on the integral influence evaluation value of the encryption and decryption link;
and the priority matching module is used for inputting the evaluation criterion and the evaluation parameter into a priority matching inspection model, determining the matching condition of the overall influence evaluation value of the encryption and decryption link and the priority of the data stream, and performing priority-related time sequence resource management according to the matching condition.
In one embodiment, the impact assessment conduction module comprises:
the related network construction module constructs the related network for each link in data stream transmission and processing through a mechanism channel interacted with each link and the corresponding weight of each mechanism channel;
and the conduction module is used for determining mutual conduction of the influence evaluation values of all the links in the associated network according to the influence evaluation values of all the links and the associated network.
In one embodiment, the overall influence evaluation module is capable of screening links having non-0 mechanism channels in the association network based on the association network and the encryption/decryption links aiming at the encryption/decryption computing link of the data stream by the intelligent security chip based on the constructed association network and the conduction mechanism, and further forming the influence evaluation values of the links into the overall influence evaluation value of the encryption/decryption link。
In one embodiment, the constructing the associated network by the associated network constructing module specifically includes: the links in the transmission and processing of data streams in the whole system of the secret communication are expressed asWhereinThe set of all links isWherein, in the step (A),Mis the link scale. The expression of the associated network of the link isWherein the links are collectedVEach link in (1)Representing one network node in the associated network.Wherein,;Representing linksSubject linkA mechanistic channel of action;wherein,;Representing linksSubject linkThe magnitude of the weight of the mechanism channel of action,within a preset value rangeAn internal value.
In one embodiment, the priority matching module inputs the evaluation criterion and the evaluation parameter to a priority matching check model, determines a matching condition between an overall influence evaluation value of an encryption/decryption link and a priority of a data stream, and performs priority-related timing resource management according to the matching condition, and specifically includes:
establishing a judgment matrix based on the evaluation criterion and the evaluation parameter;
calculating the relative weight of the evaluation parameter to the evaluation criterion according to the judgment matrix, generating an index weight set based on the relative weight, and carrying out sequencing consistency check on the index weight set;
generating an evaluation index value based on the evaluation parameters and the evaluation criteria, determining a membership function according to an expert scoring method, and generating an evaluation matrix based on the evaluation index value and the membership function;
and inputting the evaluation matrix and the index weight set into the priority matching inspection model, encrypting and decrypting the matching condition of the overall influence evaluation value and the priority of the data stream, and managing the time sequence resources related to the priority according to the matching condition.
The invention establishes the integral influence evaluation value of the encryption and decryption link according to the correlation between the encryption and decryption calculation link of the data stream and other processing transmission links, and realizes the management of the encryption and decryption calculation of the data stream in the aspects of time sequence and resource allocation by the intelligent security chip according to the integral influence evaluation value and the priority of the data stream.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
The technical solution of the present invention is further described in detail by the accompanying drawings and embodiments.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention. In the drawings:
FIG. 1 is a flowchart of a method for managing the security communication priority of an intelligent security chip according to an embodiment of the present invention;
fig. 2 is a block diagram of an apparatus for managing the priority of secure communication of an intelligent security chip according to an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
Referring to fig. 1, an embodiment of the present invention provides a method for managing security communication priority of an intelligent security chip, where the method includes: S101-S104;
step S101: and constructing a correlation network for each link of data stream processing and transmission, and determining mutual conduction of the influence evaluation values of each link in the correlation network according to the influence evaluation values of each link and the correlation network.
In the invention, for a plurality of data stream processing and transmission links including an encryption and decryption link in secret communication, all the links are mutually serial or parallel, and mutually cooperate and influence through mechanisms such as data handover, resource competition, suspension, recovery and the like, and the relation has certain complexity and time variability and is difficult to simply define and describe, so the relation is expressed in a form of an 'associated network'. Furthermore, the coordination and influence of the various links can be represented by the mutual conduction of the influence assessment values in the correlation network.
In the step S101, a correlation network is constructed for each link of data stream processing and transmission, and mutual conduction of the influence evaluation values of each link in the correlation network is determined according to the influence evaluation values of each link and the correlation network, which specifically includes:
and S1011, for each link in data stream transmission and processing, constructing the association network through the mechanism channel interacted with each link and the corresponding weight of each mechanism channel.
Specifically, each link in the transmission and processing of data streams in the whole system of secure communication is represented asWhereinThe set of all links isWherein, in the step (A),Mis the link scale. The expression of the associated network of the link isWherein the links are collectedVEach link in (1)Representing one network node in the associated network.Wherein,;Representing linksSubject linkMechanism channel of action, which mechanism channel may involve a linkAnd link(s)Data instruction interaction between the two channels, resource competition during parallel operation, activation and activation, suspension and suspension, and the like, and the mechanism channel can also be considered as the topology of the associated network. Wherein, if the link isHas a receiving linkThe mechanism channel of actionOn the contrary, if the link isIs not subject to a linkThe mechanism channel of actionTo aThat is to sayAre all defined as 0.Wherein;Representing linksSubject linkThe magnitude of the weight of the mechanism channel of action,within a preset value rangeInternal value, if the link is in progressSubject linkThe greater the influence of the mechanism channel of action, the more direct the mechanism isThe larger the value of (A), for example, a link can be definedSubject linkThe mechanism of action is that the channel is activated and activatedIs large, otherwise ifThe mechanism channel is the resource competition ruleThe value of (2) is small; for theThat is to sayAre all defined as 0.The value of (a) may be a fixed value,or may be a time-varying value.
And S1012, determining mutual conduction of the influence evaluation values of all the links in the associated network according to the influence evaluation values of all the links and the associated network.
Specifically, each linkIs expressed asThe influence evaluation value here represents the linkThe quantifiable value of the influence of the operating state of (A) on the processing and transmission of the data stream, for example, can be usedParameters such as occupied time sequence and calculated data amount correspond to the influence evaluation value. For each linkDetermining the linkOne neighborhood of (i.e. from),In selectionLinks not equal to 0Corresponding reference numeralsForm a neighborhood of values represented asI.e. byOf a neighborhood of (A), forThe influence evaluation value of (a) is expressed as follows:
andm represents links respectivelyThe influence evaluation values at the current evaluation period and the next evaluation period,represents the current evaluation period t linkNeighborhood of (2)Evaluation of influence of internal links on links by conduction of' correlation networkInfluence evaluation value of next evaluation periodThe gain that is generated is, in turn,βrepresenting the gain factor.
Returning to fig. 1, in step S102, an overall influence evaluation value of the encryption/decryption link is determined according to the influence evaluation value of the smart security chip on the data stream encryption/decryption calculation link and the mutual conduction in the association network. According to the association network and the conduction mechanism constructed in the step S101, aiming at the encryption and decryption calculation link of the data stream by the intelligent security chip, links with non-0 mechanism channels in the association network are screened and encrypted based on the association network, and then the influence evaluation values of the links form the integral influence evaluation value of the encryption and decryption link
In step S103, an evaluation criterion matching the priority of the data stream is determined, and an evaluation parameter corresponding to the evaluation criterion is set based on the overall influence evaluation value of the encryption and decryption link. The evaluation criteria include: priority criteria B1, associated network structure criteria B2, and conductance criteria B3. The evaluation parameters under the priority criterion B1 include: corresponding to the priority of the data streamTime delay C11, calculated speed C12; the evaluation parameters under the associated network structure criterion B2 include: taking the number of non-0 associated channels C21 and the average channel weight value as C22; the evaluation parameters under the conduction criterion B3 include: integral influence evaluation value of encryption and decryption linksC31 and a consistency coefficient C32.
In step S104, the evaluation criterion and the evaluation parameter are input to a priority matching check model, a matching condition between the overall influence evaluation value of the encryption and decryption link and the priority of the data stream is determined, and priority-related time sequence resource management is performed according to the matching condition. Specifically, S104 includes the steps of:
s1041, establishing a judgment matrix based on the evaluation criterion and the evaluation parameter.
Specifically, the evaluation criterion is set as B, and the elements of the corresponding evaluation parameters are respectivelyAnd generating a judgment matrix A by pairwise comparison, wherein the formula of the judgment matrix A is as follows:
in the above-mentioned formula, the compound of formula,representing evaluation parametersThe scale of the proportion of importance with respect to the evaluation criterion B has the following properties:
similarly, a corresponding judgment matrix is generated by pairwise comparison of the elements in the evaluation criterion B with the group behavior prediction scheme.
S1042, calculating the relative weight of the evaluation parameter to the evaluation criterion according to the judgment matrix, generating an index weight set based on the relative weight, and performing sequencing consistency check on the index weight set.
In particular, n elements of the known evaluation parameterIf the judgment matrix of the evaluation criterion B is A, the relative weight of the evaluation parameter to the evaluation criterion B is represented by the following formula:
Further, n row vectors of the judgment matrix A are normalized, the average value is calculated, and the relative weight of the evaluation parameter to the evaluation criterion B is generatedThe calculation formula is as follows:
further, calculating a maximum feature root, and judging the consistency of the matrix according to the maximum feature rootThe calculation formula of (a) is as follows:
further, the relative weights of other evaluation parameters to the corresponding evaluation criteria are calculated according to the calculation process, and the ordering weight vector of each compared element under the single criterion is generated.
Further, relative weights of the evaluation parameters to the corresponding evaluation criteriaAnd carrying out vector normalization processing to generate the following index weight set W:
further, the consistency check is carried out on the index weight set according to the following calculation formula to prove that the judgment matrix A conforms to the common logic knowledge:
in the above formula, the first and second carbon atoms are,the index of the consistency is expressed in terms of,the average random consistency index is represented by,representing a consistency ratio;
wherein whenThe consistency of the matrix meets the requirement; when in useThe consistency of the matrix is not satisfactory.
Further, according to the result of the hierarchical single ranking, the evaluation criterion and the total ranking weight of the evaluation parameters are respectively calculated, and the calculation formula is as follows:
wherein the content of the first and second substances,at layer k-1 (i.e., evaluation parameter)The vector of individual element-ordering weights is,representing the ordering of elements at the k-th level (i.e. evaluation criterion) to elements at the k-1 level,representing the overall ordering of the elements on the k-th layer.
Further, consistency check is carried out layer by layer, wherein when the element j on the k-1 layer is a consistency index of the criterionAverage random consistency indexRatio of uniformityThen, the comprehensive index of the k layer is calculated according to the following formula:
S1043, generating an evaluation index value based on the evaluation parameters and the evaluation criteria, determining a membership function according to an expert scoring method, and generating an evaluation matrix based on the evaluation index value and the membership function.
Specifically, an evaluation criterion and an evaluation index value of an evaluation parameter are generated by an analytic hierarchy process, and the evaluation index value is represented by the following formula:
further, a rating evaluation set is generated according to the evaluation result possibly made by the evaluation object, and the rating evaluation set is expressed as:
wherein the content of the first and second substances,the evaluation scale standard is shown, and m represents the number of scale evaluations.
Further, substituting each evaluation index value into each membership function, and calculating the jth membership degree of the ith indexAnd carrying out normalization processing to generate an evaluation matrix R, wherein the calculation formula of the evaluation matrix R is as follows:
and S1044, inputting the evaluation matrix and the index weight set into the priority matching test model, matching the overall influence evaluation value of the encryption and decryption link with the priority of the data stream, and managing the time sequence resources related to the priority according to the matching condition.
Specifically, the comprehensive evaluation model multiplies the evaluation matrix R by the index weight set W to generate a comprehensive evaluation result, and a calculation formula of the comprehensive evaluation result is as follows:
wherein, according to the principle of maximum membership degree, the evaluation resultCorresponding grade evaluation setAs a result of comprehensive evaluation.
Referring to fig. 2, an intelligent security chip secure communication priority management apparatus provided in an embodiment of the present invention includes:
the influence evaluation and transmission module is used for constructing a correlation network facing each link of data stream processing and transmission, and determining mutual transmission of the influence evaluation values of each link in the correlation network according to the influence evaluation values of each link and the correlation network;
in the invention, for a plurality of data stream processing and transmission links including an encryption and decryption link in secret communication, all the links are mutually serial or parallel, and mutually cooperate and influence through mechanisms such as data handover, resource competition, suspension, recovery and the like, and the relation has certain complexity and time variability and is difficult to simply define and describe, so the relation is expressed in a form of an 'associated network'. Furthermore, the coordination and influence of the various links can be represented by the mutual conduction of the influence assessment values in the correlation network.
The influence evaluation conduction module constructs a correlation network facing each link of data stream processing and transmission, and determines mutual conduction of the influence evaluation values of each link in the correlation network according to the influence evaluation values of each link and the correlation network, and specifically comprises the following steps:
and the associated network construction module is used for constructing the associated network for each link in data stream transmission and processing through the mechanism channel interacted with each link and the corresponding weight of each mechanism channel.
Specifically, each link in the transmission and processing of data streams in the whole system of secure communication is represented asWhereinThe set of all links isWherein, in the step (A),Mis the link scale. The expression of the associated network of the link isWherein the links are collectedVEach link in (1)Representing one network node in the associated network.Wherein,;Representing linksSubject linkMechanism channel of action, which mechanism channel may involve a linkAnd link(s)Data instruction interaction between the two channels, resource competition during parallel operation, activation and activation, suspension and suspension, and the like, and the mechanism channel can also be considered as the topology of the associated network. Wherein, if the link isHas a receiving linkThe mechanism channel of actionOn the contrary, if the link isIs not subject to a linkThe mechanism channel of actionTo aThat is to sayAre all defined as 0.Wherein;Representing linksSubject linkThe magnitude of the weight of the mechanism channel of action,within a preset value rangeInternal value, if the link is in progressSubject linkThe greater the influence of the mechanism channel of action, the more direct the mechanism isThe larger the value of (A), for example, a link can be definedSubject linkThe mechanism of action is that the channel is activated and activatedThe value of (A) is large, otherwise if the mechanism channel is the resourceSource race ruleThe value of (2) is small; for theThat is to sayAre all defined as 0.The value of (a) may be a fixed value,or may be a time-varying value.
And the conduction module is used for determining mutual conduction of the influence evaluation values of all the links in the associated network according to the influence evaluation values of all the links and the associated network.
Specifically, each linkIs expressed asThe influence evaluation value here represents the linkThe quantifiable value of the influence of the operating state of (A) on the processing and transmission of the data stream, for example, can be usedParameters such as occupied time sequence and calculated data amount correspond to the influence evaluation value. For each linkDetermining the linkOne neighborhood of (i.e. from),In selectionLinks not equal to 0Corresponding reference numeralsForm a neighborhood of values represented asI.e. byOf a neighborhood of (A), forThe influence evaluation value of (a) is expressed as follows:
andm represents links respectivelyThe influence evaluation values at the current evaluation period and the next evaluation period,represents the current evaluation period t linkNeighborhood of (2)Evaluation of influence of internal links on links by conduction of' correlation networkInfluence evaluation value of next evaluation periodThe gain that is generated is, in turn,βrepresenting the gain factor.
Returning to fig. 1, the overall influence evaluation module is configured to determine an overall influence evaluation value of the encryption/decryption link according to the influence evaluation value of the intelligent security chip on the data stream encryption/decryption calculation link and mutual conduction in the associated network. According to the association network and the conduction mechanism, aiming at the encryption and decryption calculation link of the data stream by the intelligent security chip, links with non-0 mechanism channels in the association network are screened and encrypted based on the association network, and then the influence evaluation values of the links form the integral influence evaluation value of the encryption and decryption link。
And the evaluation setting module is used for determining an evaluation criterion matched with the priority of the data stream and setting an evaluation parameter corresponding to the evaluation criterion based on the overall influence evaluation value of the encryption and decryption link. The evaluation criteria include: priority criteria B1, associated network structure criteria B2, and conductance criteria B3. The evaluation parameters under the priority criterion B1 include: time corresponding to priority of data flowC11, calculating the speed C12; the evaluation parameters under the associated network structure criterion B2 include: taking the number of non-0 associated channels C21 and the average channel weight value as C22; the evaluation parameters under the conduction criterion B3 include: integral influence evaluation value of encryption and decryption linksC31 and a consistency coefficient C32.
And the priority matching module is used for inputting the evaluation criterion and the evaluation parameter into a priority matching inspection model, determining the matching condition of the overall influence evaluation value of the encryption and decryption link and the priority of the data stream, and performing priority-related time sequence resource management according to the matching condition. In particular, the present invention relates to a method for producing,
the priority matching module establishes a judgment matrix based on the evaluation criterion and the evaluation parameter.
Specifically, the evaluation criterion is set as B, and the elements of the corresponding evaluation parameters are respectivelyAnd generating a judgment matrix A by pairwise comparison, wherein the formula of the judgment matrix A is as follows:
in the above-mentioned formula, the compound of formula,representing evaluation parametersThe scale of the proportion of importance with respect to the evaluation criterion B has the following properties:
similarly, a corresponding judgment matrix is generated by pairwise comparison of the elements in the evaluation criterion B with the group behavior prediction scheme.
And the priority matching module calculates the relative weight of the evaluation parameter to the evaluation criterion according to the judgment matrix, generates an index weight set based on the relative weight, and performs sequencing consistency check on the index weight set.
In particular, n elements of the known evaluation parameterIf the judgment matrix of the evaluation criterion B is A, the relative weight of the evaluation parameter to the evaluation criterion B is represented by the following formula:
Further, n row vectors of the judgment matrix A are normalized, the average value is calculated, and the relative weight of the evaluation parameter to the evaluation criterion B is generatedThe calculation formula is as follows:
further, calculating a maximum feature root, and judging the consistency of the matrix according to the maximum feature rootThe calculation formula of (a) is as follows:
further, the relative weights of other evaluation parameters to the corresponding evaluation criteria are calculated according to the calculation process, and the ordering weight vector of each compared element under the single criterion is generated.
Further, relative weights of the evaluation parameters to the corresponding evaluation criteriaAnd carrying out vector normalization processing to generate the following index weight set W:
further, the consistency check is carried out on the index weight set according to the following calculation formula to prove that the judgment matrix A conforms to the common logic knowledge:
in the above formula, the first and second carbon atoms are,the index of the consistency is expressed in terms of,the average random consistency index is represented by,representing a consistency ratio;
wherein whenThe consistency of the matrix meets the requirement; when in useThe consistency of the matrix is not satisfactory.
Further, according to the result of the hierarchical single ranking, the evaluation criterion and the total ranking weight of the evaluation parameters are respectively calculated, and the calculation formula is as follows:
wherein the content of the first and second substances,at layer k-1 (i.e., evaluation parameter)The vector of individual element-ordering weights is,representing the ordering of elements at the k-th level (i.e. evaluation criterion) to elements at the k-1 level,representing the overall ordering of the elements on the k-th layer.
Further, consistency check is carried out layer by layer, wherein when the element j on the k-1 layer is a consistency index of the criterionAverage random consistency indexRatio of uniformityThen, the comprehensive index of the k layer is calculated according to the following formula:
The priority matching module generates an evaluation index value based on the evaluation parameters and the evaluation criteria, determines a membership function according to an expert scoring method, and generates an evaluation matrix based on the evaluation index value and the membership function.
Specifically, the evaluation criterion and the evaluation index value of the evaluation parameter are generated by an analytic hierarchy process, wherein the evaluation index value is as followsThen global consistency is satisfied.
And the priority matching module inputs the evaluation matrix and the index weight set into the priority matching inspection model, the matching condition of the overall influence evaluation value of the encryption and decryption link and the priority of the data stream is obtained, and priority related time sequence resource management is carried out according to the matching condition.
Specifically, the comprehensive evaluation model multiplies the evaluation matrix R by the index weight set W to generate a comprehensive evaluation result, and a calculation formula of the comprehensive evaluation result is as follows:
wherein, according to the principle of maximum membership degree, the evaluation resultCorresponding grade evaluation setAs a result of comprehensive evaluation.
The invention establishes the integral influence evaluation value of the encryption and decryption link according to the correlation between the encryption and decryption calculation link of the data stream and other processing transmission links, and realizes the management of the encryption and decryption calculation of the data stream in the aspects of time sequence and resource allocation by the intelligent security chip according to the integral influence evaluation value and the priority of the data stream.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include such modifications and variations.
Claims (10)
1. A method for managing secret communication priority of an intelligent security chip is characterized by comprising the following steps:
constructing a correlation network facing each link of data stream processing and transmission, and determining mutual conduction of the influence evaluation values of each link in the correlation network according to the influence evaluation values of each link and the correlation network;
determining the overall influence evaluation value of the encryption and decryption link according to the influence evaluation value of the intelligent security chip on the data stream encryption and decryption calculation link and the mutual conduction in the associated network;
determining an evaluation criterion matched with the priority of the data stream, and setting an evaluation parameter corresponding to the evaluation criterion based on the overall influence evaluation value of the encryption and decryption link;
and inputting the evaluation criterion and the evaluation parameter into a priority matching inspection model, determining the matching condition of the overall influence evaluation value of the encryption and decryption link and the priority of the data stream, and managing the time sequence resources related to the priority according to the matching condition.
2. The method for managing the confidential communication priority of the intelligent security chip according to claim 1, wherein each link facing data stream processing and transmission constructs a correlation network, and determines the mutual conduction of the influence evaluation values of each link in the correlation network according to the influence evaluation values of each link and the correlation network, and the method comprises the following steps:
for each link in data stream transmission and processing, constructing the association network through a mechanism channel interacted by each link and corresponding weight of each mechanism channel;
and determining the mutual conduction of the influence evaluation values of all links in the associated network according to the influence evaluation values of all links and the associated network.
3. The method for managing the confidential communication priority of the intelligent security chip as claimed in claim 2, wherein the step of determining the overall influence evaluation value of the encryption and decryption link specifically comprises the steps of: the constructed association network and the conduction mechanism can screen and encrypt and decrypt links with non-0 mechanism channels in the association network based on the association network aiming at the encryption and decryption calculation links of the intelligent security chip to the data stream, and further form the influence evaluation values of the links into the integral influence evaluation value of the encryption and decryption links。
4. The method for priority management of secure communication of an intelligent security chip as claimed in claim 3, wherein constructing the association network specifically comprises: the links in the transmission and processing of data streams in the whole system of the secret communication are expressed asWhereinThe set of all links isWherein, in the step (A),Mthe scale of the link is adopted; the expression of the associated network of the link isWherein the links are collectedVEach link in (1)Representing a network node in an associated network;wherein,;Representing linksSubject linkA mechanistic channel of action;wherein,;Representing linksIs subjected toLink of a Chinese characterThe magnitude of the weight of the mechanism channel of action,within a preset value rangeAn internal value.
5. The method for managing the priority of the secure communication of the intelligent security chip according to claim 4, wherein the evaluation criterion and the evaluation parameter are input to a priority matching verification model, a matching condition between an overall influence evaluation value of an encryption/decryption link and a priority of a data stream is determined, and priority-related time sequence resource management is performed according to the matching condition, specifically comprising:
establishing a judgment matrix based on the evaluation criterion and the evaluation parameter;
calculating the relative weight of the evaluation parameter to the evaluation criterion according to the judgment matrix, generating an index weight set based on the relative weight, and carrying out sequencing consistency check on the index weight set;
generating an evaluation index value based on the evaluation parameters and the evaluation criteria, determining a membership function according to an expert scoring method, and generating an evaluation matrix based on the evaluation index value and the membership function;
and inputting the evaluation matrix and the index weight set into the priority matching inspection model, encrypting and decrypting the matching condition of the overall influence evaluation value and the priority of the data stream, and managing the time sequence resources related to the priority according to the matching condition.
6. An apparatus for managing security communication priority of an intelligent security chip, comprising:
the influence evaluation and transmission module is used for constructing a correlation network facing each link of data stream processing and transmission, and determining mutual transmission of the influence evaluation values of each link in the correlation network according to the influence evaluation values of each link and the correlation network;
the integral influence evaluation module is used for determining the integral influence evaluation value of the encryption and decryption link according to the influence evaluation value of the intelligent security chip on the data stream encryption and decryption calculation link and the mutual conduction in the associated network;
the evaluation setting module is used for determining an evaluation criterion matched with the priority of the data stream and setting an evaluation parameter corresponding to the evaluation criterion based on the integral influence evaluation value of the encryption and decryption link;
and the priority matching module is used for inputting the evaluation criterion and the evaluation parameter into a priority matching inspection model, determining the matching condition of the overall influence evaluation value of the encryption and decryption link and the priority of the data stream, and performing priority-related time sequence resource management according to the matching condition.
7. The apparatus for smart security chip secure communication priority management according to claim 6, wherein the influence assessment conduction module comprises:
the related network construction module constructs the related network for each link in data stream transmission and processing through a mechanism channel interacted with each link and the corresponding weight of each mechanism channel;
and the conduction module is used for determining mutual conduction of the influence evaluation values of all the links in the associated network according to the influence evaluation values of all the links and the associated network.
8. The device for managing the priority of the confidential communication of the intelligent security chip according to claim 7, wherein the overall influence evaluation module is capable of screening, based on the association network, links having a non-0 mechanism channel in the association network for the encryption/decryption links of the data stream of the intelligent security chip based on the constructed association network and the conduction mechanism, and further screening the links having the non-0 mechanism channel in the association network based on the association network, and further mapping the linksIntegral influence evaluation value for forming encryption and decryption link by using response evaluation value。
9. The apparatus for priority management of secure communication of an intelligent security chip according to claim 8, wherein the association network construction module specifically constructs the association network by: the links in the transmission and processing of data streams in the whole system of the secret communication are expressed asWhereinThe set of all links isWherein, in the step (A),Mthe scale of the link is adopted; the expression of the associated network of the link isWherein the links are collectedVEach link in (1)Representing a network node in an associated network;wherein,;Representing linksSubject linkA mechanistic channel of action;wherein,;Representing linksSubject linkThe magnitude of the weight of the mechanism channel of action,within a preset value rangeAn internal value.
10. The apparatus for priority management of secure communication of an intelligent security chip according to claim 9, wherein the priority matching module inputs the evaluation criterion and the evaluation parameter to a priority matching verification model, determines a matching condition between an overall impact evaluation value of an encryption/decryption link and a priority of a data stream, and performs priority-related timing resource management according to the matching condition, specifically comprising:
establishing a judgment matrix based on the evaluation criterion and the evaluation parameter;
calculating the relative weight of the evaluation parameter to the evaluation criterion according to the judgment matrix, generating an index weight set based on the relative weight, and carrying out sequencing consistency check on the index weight set;
generating an evaluation index value based on the evaluation parameters and the evaluation criteria, determining a membership function according to an expert scoring method, and generating an evaluation matrix based on the evaluation index value and the membership function;
and inputting the evaluation matrix and the index weight set into the priority matching inspection model, encrypting and decrypting the matching condition of the overall influence evaluation value and the priority of the data stream, and managing the time sequence resources related to the priority according to the matching condition.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110159850.6A CN112511567B (en) | 2021-02-05 | 2021-02-05 | Method and device for managing secret communication priority of intelligent security chip |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110159850.6A CN112511567B (en) | 2021-02-05 | 2021-02-05 | Method and device for managing secret communication priority of intelligent security chip |
Publications (2)
Publication Number | Publication Date |
---|---|
CN112511567A true CN112511567A (en) | 2021-03-16 |
CN112511567B CN112511567B (en) | 2021-05-11 |
Family
ID=74953176
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110159850.6A Active CN112511567B (en) | 2021-02-05 | 2021-02-05 | Method and device for managing secret communication priority of intelligent security chip |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112511567B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114499958A (en) * | 2021-12-24 | 2022-05-13 | 东软睿驰汽车技术(沈阳)有限公司 | Control method and device, vehicle and storage medium |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102195991A (en) * | 2011-06-28 | 2011-09-21 | 辽宁国兴科技有限公司 | Terminal security management and authentication method and system |
US20180317247A1 (en) * | 2017-05-01 | 2018-11-01 | Bae Systems Information And Electronic Systems Integration Inc. | Multiple access wireless network with low latency subnet |
CN109740865A (en) * | 2018-12-13 | 2019-05-10 | 平安科技(深圳)有限公司 | Methods of risk assessment, system, equipment and storage medium |
CN112150014A (en) * | 2020-09-27 | 2020-12-29 | 平安资产管理有限责任公司 | Enterprise risk early warning method, device, equipment and readable storage medium |
-
2021
- 2021-02-05 CN CN202110159850.6A patent/CN112511567B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102195991A (en) * | 2011-06-28 | 2011-09-21 | 辽宁国兴科技有限公司 | Terminal security management and authentication method and system |
US20180317247A1 (en) * | 2017-05-01 | 2018-11-01 | Bae Systems Information And Electronic Systems Integration Inc. | Multiple access wireless network with low latency subnet |
CN109740865A (en) * | 2018-12-13 | 2019-05-10 | 平安科技(深圳)有限公司 | Methods of risk assessment, system, equipment and storage medium |
CN112150014A (en) * | 2020-09-27 | 2020-12-29 | 平安资产管理有限责任公司 | Enterprise risk early warning method, device, equipment and readable storage medium |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114499958A (en) * | 2021-12-24 | 2022-05-13 | 东软睿驰汽车技术(沈阳)有限公司 | Control method and device, vehicle and storage medium |
CN114499958B (en) * | 2021-12-24 | 2024-02-09 | 东软睿驰汽车技术(沈阳)有限公司 | Control method and device, vehicle and storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN112511567B (en) | 2021-05-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20210409191A1 (en) | Secure Machine Learning Analytics Using Homomorphic Encryption | |
Huang et al. | Security modeling and efficient computation offloading for service workflow in mobile edge computing | |
Macedo et al. | On the security aspects of Internet of Things: A systematic literature review | |
CN105579990B (en) | Using aware network management method and system | |
CN111898137A (en) | Private data processing method, equipment and system for federated learning | |
Adimoolam et al. | Green ICT communication, networking and data processing | |
Gong et al. | Surakav: Generating realistic traces for a strong website fingerprinting defense | |
Qi et al. | A blockchain-driven IIoT traffic classification service for edge computing | |
Almagrabi et al. | A classification-based privacy-preserving decision-making for secure data sharing in internet of things assisted applications | |
Althati et al. | Scalable Machine Learning Solutions for Heterogeneous Data in Distributed Data Platform | |
CN112511567B (en) | Method and device for managing secret communication priority of intelligent security chip | |
Neto et al. | A survey on securing federated learning: Analysis of applications, attacks, challenges, and trends | |
Mishra et al. | Supervised machine learning algorithms based on classification for detection of distributed denial of service attacks in SDN-enabled cloud computing | |
Zanardo et al. | Secure and Authorized Data Sharing among different IoT Network Domains using Beez blockchain | |
Baskar et al. | Attribute-based data fusion for designing a rational trust model for improving the service reliability of internet of things assisted applications in smart cities | |
Kaur et al. | A blockchain-based machine learning intrusion detection system for internet of things | |
Zhang et al. | Cross-domain network attack detection enabled by heterogeneous transfer learning | |
CN115086718A (en) | Video stream encryption method and device | |
Sneha et al. | RADS: a real-time anomaly detection model for software-defined networks using machine learning | |
Jiang et al. | Anomaly Detection and Access Control for Cloud-Edge Collaboration Networks. | |
Kale et al. | A Practicable Machine Learning Solution for Security-Cognizant Data Placement on Cloud Platforms | |
Chen et al. | Resource-Constraint Deep Forest Based Intrusion Detection Method in Internet of Things for Consumer Electronic | |
Kanimozhi et al. | Adaptive Weighted Support Vector Machine classification method for privacy preserving in cloud over big data using hadoop framework | |
Peter Soosai Anandaraj et al. | Improved cuckoo search load distribution (ICS‐LD) and attack detection in cloud environment | |
Wei et al. | QuDASH: Quantum-inspired rate adaptation approach for DASH video streaming |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20210316 Assignee: Hangzhou Weiming Information Technology Co.,Ltd. Assignor: Zhejiang core Gravity Technology Co.,Ltd. Contract record no.: X2021330000325 Denomination of invention: A method and device for secure communication priority management of intelligent security chip Granted publication date: 20210511 License type: Common License Record date: 20210927 |
|
EE01 | Entry into force of recordation of patent licensing contract |