CN113162985A - Lightweight containerized integration and hierarchical domain sharing method and system for edge resources - Google Patents
Lightweight containerized integration and hierarchical domain sharing method and system for edge resources Download PDFInfo
- Publication number
- CN113162985A CN113162985A CN202110322260.0A CN202110322260A CN113162985A CN 113162985 A CN113162985 A CN 113162985A CN 202110322260 A CN202110322260 A CN 202110322260A CN 113162985 A CN113162985 A CN 113162985A
- Authority
- CN
- China
- Prior art keywords
- edge
- data
- verification
- edge resource
- lightweight
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/18—File system types
- G06F16/1805—Append-only file systems, e.g. using logs or journals to store data
- G06F16/1815—Journaling file systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
Abstract
The invention provides a lightweight containerization integration and hierarchical domain sharing method and a system for edge resources, wherein the method comprises the following steps: acquiring edge resources to be processed; integrating edge resources to be processed based on a preset lightweight container template to obtain an edge resource container; and configuring a hierarchical domain sharing rule for the edge resource container. The lightweight containerization integration and hierarchical domain sharing method for the edge resources improves the control strength of the access of the edge resources through a hierarchical domain sharing mechanism, and improves the efficiency of deploying the edge resources through containerization.
Description
Technical Field
The invention relates to the technical field of data processing and sharing, in particular to a lightweight container integration and hierarchical domain sharing method and system for edge resources.
Background
At present, edge computing is to construct a distributed open system fusing network, computing, storage and application core capabilities on the network edge side close to an object or a data source, so as to provide intelligent services nearby and meet key requirements of manufacturing industry in aspects of agile connection, real-time service, data optimization, application intelligence, safety, privacy protection and the like.
With the continuous improvement of the informatization construction level, the operation and maintenance environment is increasingly complex, so that how to strengthen the access control strength on the edge resources of the user on the premise of ensuring that the original edge calculation is not influenced becomes a problem to be solved urgently.
Disclosure of Invention
One of the objectives of the present invention is to provide a lightweight containerization integration and hierarchical domain sharing method for edge resources, which improves the control strength of access to the edge resources through a hierarchical domain sharing mechanism, and improves the efficiency of deploying the edge resources through containerization.
The embodiment of the invention provides a lightweight containerization integration and hierarchical domain sharing method for edge resources, which comprises the following steps:
acquiring edge resources to be processed;
integrating edge resources to be processed based on a preset lightweight container template to obtain an edge resource container;
and configuring a hierarchical domain sharing rule for the edge resource container.
Preferably, the edge resource to be processed includes: one or more of an edge gateway module, an edge cloud module, a log management module and a safety control module are combined;
the edge gateway module is used for realizing the data communication function of edge calculation;
the edge cloud module is used for data acquisition, data management, data exchange and data source management;
the log management module is used for managing the operations of storing, analyzing, backing up and referring to the daily operation behavior record log;
the security control module is used for checking a source address, a destination address, a source port, a destination port and a protocol through an ACL detection mechanism so as to allow or reject data to enter and exit.
Preferably, integrating the edge resource to be processed based on a preset lightweight container template to obtain the edge resource container includes:
verifying the integrity of the edge resource to be processed;
when the verification passes, integrating based on the lightweight container template;
and when the verification fails, outputting the type information of the missing resource.
Preferably, the configuring the hierarchical domain sharing rule for the edge resource container includes:
setting sharing times for the edge resource container;
and/or the presence of a gas in the gas,
setting a sharing area for the edge resource container;
and/or the presence of a gas in the gas,
and setting sharing authority for the edge resource container.
Preferably, the method for lightweight containerization integration and hierarchical domain sharing of edge resources further includes:
acquiring a shared information record of an edge resource container;
determining an available value of the edge resource container based on the shared information record;
when the available value is smaller than a preset threshold value, the sharing of the edge resource container is cancelled;
wherein determining available values for the edge resource container based on the shared information record comprises:
analyzing the shared information record, acquiring the downloading times of the edge resource container in a preset first time period, and acquiring a target user for downloading the edge resource container;
sending a usage information query to a target user;
receiving feedback information of a target user for using information query;
analyzing the feedback information to obtain the use data of the edge resource container; the usage data includes: length of use, is now in use, has unloaded one or more combinations thereof;
identifying the use data of the target users based on a preset use data identification model, and acquiring data values corresponding to the use data of each target user;
constructing a use matrix of the edge resource container based on the data values of all the target users;
determining a first correlation value based on the usage matrix and the download times, wherein the calculation formula is as follows:
wherein A is a first correlation value; a. the0The number of downloads; a isiIs the ith data value in the use matrix;
the preset credit weight of the target user corresponding to the ith data value in the use matrix; theta1、θ2Is a preset weight coefficient; n is the total number of data in the assignment matrix;
analyzing the shared information record to obtain the evaluation of the target user on the edge resource container;
identifying the evaluation of the target user on the edge resource container based on a preset evaluation identification model, and acquiring an evaluation value;
verifying the evaluation value based on the usage data; deleting the evaluation value when the verification fails;
constructing an evaluation matrix based on all verified evaluation values;
determining a second correlation value based on the evaluation matrix, wherein the calculation formula is as follows:
wherein B is a second correlation value, BjEvaluating the jth evaluation value in the matrix;
the preset credit weight of the target user corresponding to the jth evaluation value in the evaluation matrix is obtained; n is the total number of data in the evaluation matrix;
determining an available value based on the first correlation value and the second correlation value, and calculating as follows:
K=μ1A+μ2B;
wherein K is a usable value; mu.s1、μ2Is a preset weight, mu1+μ2=1。
Preferably, verifying the evaluation value based on the usage data includes:
acquiring a preset verification library; the first vectors in the verification library correspond to the verification matrixes one by one;
constructing a second vector based on the usage data;
and calculating the matching degree of the first vector and the second vector, wherein the calculation formula is as follows:
wherein P is the degree of matching, xkIs the kth parameter value of the first vector; y iskIs the kth parameter value of the second vector; m is the total number of data in the first vector or the total number of data in the second vector;
acquiring a verification matrix corresponding to the maximum matching value in a verification library;
when the evaluation value exists in the verification matrix, the verification is passed; when the evaluation value does not exist with the verification matrix, the verification is not passed.
Preferably, the method for lightweight containerization integration and hierarchical domain sharing of edge resources further includes:
when a cross-level and cross-domain acquisition instruction of a user is received, acquiring a cross-level and cross-domain authority of the user;
verifying the cross-level and cross-domain authority, and acquiring a domain list which is allowed to be acquired by a user when the verification is passed;
providing a sharing service for the user based on the domain list;
wherein, verifying the cross-level and cross-domain authority comprises:
sending inquiry instructions to other users in the domain where the users are located;
receiving response information of other users to the inquiry instruction; the response information comprises the authority verification information of the user pre-stored on the equipment of other users;
analyzing the response information to obtain authority verification information;
and when the authority verification information of all other users is consistent, verifying the cross-level and cross-domain authority based on the authority verification information.
The invention also provides a lightweight containerization integration and hierarchical domain sharing system for edge resources, which comprises:
the acquisition module is used for acquiring edge resources to be processed;
the integration module is used for integrating the edge resources to be processed based on a preset lightweight container template to obtain an edge resource container;
and the configuration module is used for configuring a hierarchical domain sharing rule for the edge resource container.
Preferably, the edge resource to be processed includes: one or more of an edge gateway module, an edge cloud module, a log management module and a safety control module are combined;
the edge gateway module is used for realizing the data communication function of edge calculation;
the edge cloud module is used for data acquisition, data management, data exchange and data source management;
the log management module is used for managing the operations of storing, analyzing, backing up and referring to the daily operation behavior record log;
the security control module is used for checking a source address, a destination address, a source port, a destination port and a protocol through an ACL detection mechanism so as to allow or reject data to enter and exit.
Preferably, integrating the edge resource to be processed based on a preset lightweight container template to obtain the edge resource container includes:
verifying the integrity of the edge resource to be processed;
when the verification passes, integrating based on the lightweight container template;
and when the verification fails, outputting the type information of the missing resource.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
The technical solution of the present invention is further described in detail by the accompanying drawings and embodiments.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention. In the drawings:
fig. 1 is a schematic diagram of an edge resource lightweight containerization integration and hierarchical domain sharing method according to an embodiment of the present invention.
Detailed Description
The preferred embodiments of the present invention will be described in conjunction with the accompanying drawings, and it will be understood that they are described herein for the purpose of illustration and explanation and not limitation.
The embodiment of the invention provides a lightweight containerization integration and hierarchical domain sharing method for edge resources, which comprises the following steps of:
step S1: acquiring edge resources to be processed;
step S2: integrating edge resources to be processed based on a preset lightweight container template to obtain an edge resource container;
step S3: and configuring a hierarchical domain sharing rule for the edge resource container.
The working principle and the beneficial effects of the technical scheme are as follows:
the edge resource is subjected to lightweight containerization to form an edge resource container, namely, various module files used by the edge resource are integrated, and the integration can be specifically expressed as mirror image files of the edge resource container, and then a hierarchical domain sharing rule is configured, so that the edge resource container can be shared in the hierarchy and the domains where the edge resource to be processed is located; users in the same grading and domain division can obtain the edge resource container, the safety of the edge resource container is improved based on a grading and domain division sharing mechanism, and the data safety is improved. By integrating the edge resources, the efficiency of system configuration after the user downloads is improved.
In one embodiment, the pending edge resources include: one or more of an edge gateway module, an edge cloud module, a log management module and a safety control module are combined;
the edge gateway module is used for realizing the data communication function of edge calculation;
the edge cloud module is used for data acquisition, data management, data exchange and data source management;
the log management module is used for managing the operations of storing, analyzing, backing up and referring to the daily operation behavior record log;
the security control module is used for checking a source address, a destination address, a source port, a destination port and a protocol through an ACL detection mechanism so as to allow or reject data to enter and exit.
The working principle and the beneficial effects of the technical scheme are as follows:
the edge computing is realized according to the edge gateway module, the edge cloud module, the log management module and the safety control module, and after containerization integration, rapid deployment in a new operating environment is realized.
In one embodiment, integrating edge resources to be processed based on a preset lightweight container template to obtain an edge resource container includes:
verifying the integrity of the edge resource to be processed;
when the verification passes, integrating based on the lightweight container template;
and when the verification fails, outputting the type information of the missing resource.
The working principle and the beneficial effects of the technical scheme are as follows:
when containerization integration is carried out, firstly, integrity is verified, and the requirement of edge calculation can be met after containerization integration is ensured; during integration, integration is mainly carried out on the basis of a lightweight container template, so that rapid integration is realized; and when the integrity verification fails, outputting the type information of the missing resources, and completing by the provider of the edge resources to be processed, or completing according to the edge resources to be processed from a preset resource library.
In one embodiment, configuring a hierarchical domain sharing rule for an edge resource container includes:
setting sharing times for the edge resource container;
and/or the presence of a gas in the gas,
setting a sharing area for the edge resource container;
and/or the presence of a gas in the gas,
and setting sharing authority for the edge resource container.
The working principle and the beneficial effects of the technical scheme are as follows:
the sharing rules include: the sharing times, the sharing areas, the sharing authority levels and the like are based on the sharing times, namely the sharing times are reduced by one every time the edge resource containers are downloaded, and when the sharing times return to zero, the sharing of the edge resource containers is cancelled. The user can download the edge resource container only in the range of the shared area; and the user can download the file only when the authority level of the user meets the sharing authority.
In one embodiment, the method for lightweight containerization integration and hierarchical domain sharing of edge resources further comprises:
acquiring a shared information record of an edge resource container;
determining an available value of the edge resource container based on the shared information record;
when the available value is smaller than a preset threshold value, the sharing of the edge resource container is cancelled;
wherein determining available values for the edge resource container based on the shared information record comprises:
analyzing the shared information record, acquiring the downloading times of the edge resource container in a preset first time period, and acquiring a target user for downloading the edge resource container;
sending a usage information query to a target user;
receiving feedback information of a target user for using information query;
analyzing the feedback information to obtain the use data of the edge resource container; the usage data includes: length of use, is now in use, has unloaded one or more combinations thereof;
identifying the use data of the target users based on a preset use data identification model, and acquiring data values corresponding to the use data of each target user;
constructing a use matrix of the edge resource container based on the data values of all the target users;
determining a first correlation value based on the usage matrix and the download times, wherein the calculation formula is as follows:
wherein A is a first correlation value; a. the0The number of downloads; a isiIs the ith data value in the use matrix;
the preset credit weight of the target user corresponding to the ith data value in the use matrix; theta1、θ2Is a preset weight coefficient; n is the total number of data in the assignment matrix;
analyzing the shared information record to obtain the evaluation of the target user on the edge resource container;
identifying the evaluation of the target user on the edge resource container based on a preset evaluation identification model, and acquiring an evaluation value;
verifying the evaluation value based on the usage data; deleting the evaluation value when the verification fails;
constructing an evaluation matrix based on all verified evaluation values;
determining a second correlation value based on the evaluation matrix, wherein the calculation formula is as follows:
wherein B is a second correlation value, BjEvaluating the jth evaluation value in the matrix;
to evaluateThe preset credit weight of the target user corresponding to the jth evaluation value in the price matrix; n is the total number of data in the evaluation matrix;
determining an available value based on the first correlation value and the second correlation value, and calculating as follows:
K=μ1A+μ2B;
wherein K is a usable value; mu.s1、μ2Is a preset weight, mu1+μ2=1。
The working principle and the beneficial effects of the technical scheme are as follows:
and in the sharing process of the edge resource container, tracking and monitoring the shared information record, and determining the available value of the edge resource container based on the shared information record so as to determine whether to continue sharing. And by eliminating the containers with smaller available values, the shared resources are released, and the optimization of the resources is realized. Starting from two aspects in determining the available value of the edge resource container, wherein the first aspect is starting from the conditions of downloading and using the edge resource container after downloading; the second aspect is feedback of the user to use the edge resource container, the first aspect is analysis from objective factors, and the second aspect is analysis from subjective factors; the subjective and objective factors are combined, and the evaluation on the edge resource container is more accurate.
In one embodiment, verifying the evaluation value based on the usage data includes:
acquiring a preset verification library; the first vectors in the verification library correspond to the verification matrixes one by one;
constructing a second vector based on the usage data;
and calculating the matching degree of the first vector and the second vector, wherein the calculation formula is as follows:
wherein P is the degree of matching, xkIs the kth parameter value of the first vector; y iskIs the kth parameter value of the second vector; m is the total number of data in the first vector or the data in the second vectorThe total number of (c);
acquiring a verification matrix corresponding to the maximum matching value in a verification library;
when the evaluation value exists in the verification matrix, the verification is passed; when the evaluation value does not exist with the verification matrix, the verification is not passed.
The working principle and the beneficial effects of the technical scheme are as follows:
the use data can reflect the evaluation of the user to a certain extent, and the use data is used for evaluation value verification, so that the situation that the user uses the edge resource container all the time and gives relatively poor evaluation while giving evaluation and evaluation inconsistent with the use data can be avoided, and the accuracy of evaluation on the edge resource container from a subjective level is improved.
In one embodiment, the method for lightweight containerization integration and hierarchical domain sharing of edge resources further comprises:
when a cross-level and cross-domain acquisition instruction of a user is received, acquiring a cross-level and cross-domain authority of the user;
verifying the cross-level and cross-domain authority, and acquiring a domain list which is allowed to be acquired by a user when the verification is passed;
providing a sharing service for the user based on the domain list;
wherein, verifying the cross-level and cross-domain authority comprises:
sending inquiry instructions to other users in the domain where the users are located;
receiving response information of other users to the inquiry instruction; the response information comprises the authority verification information of the user pre-stored on the equipment of other users;
analyzing the response information to obtain authority verification information;
and when the authority verification information of all other users is consistent, verifying the cross-level and cross-domain authority based on the authority verification information.
The working principle and the beneficial effects of the technical scheme are as follows:
by setting the cross-level cross-domain authority, the cross-domain sharing is realized for the supplement of the grading and domain-division sharing; the acquisition of cross-level and cross-domain rights can be allocated by the system, for example, once a month; or, the user initiates a cross-level and cross-domain application in the domain where the user is located, and whether the user gives a cross-level and cross-domain authority is determined by voting of other users. After the application, the cross-level and cross-domain authority needs to be verified, so that the authority tampering is prevented, the difficulty of the authority tampering is increased based on the verification of all the users in the domain, and the safety of the authority is improved.
The invention also provides a lightweight containerization integration and hierarchical domain sharing system for edge resources, which comprises:
the acquisition module is used for acquiring edge resources to be processed;
the integration module is used for integrating the edge resources to be processed based on a preset lightweight container template to obtain an edge resource container;
and the configuration module is used for configuring a hierarchical domain sharing rule for the edge resource container.
The working principle and the beneficial effects of the technical scheme are as follows:
the edge resource is subjected to lightweight containerization to form an edge resource container, namely, various module files used by the edge resource are integrated, and the integration can be specifically expressed as mirror image files of the edge resource container, and then a hierarchical domain sharing rule is configured, so that the edge resource container can be shared in the hierarchy and the domains where the edge resource to be processed is located; users in the same grading and domain division can obtain the edge resource container, the safety of the edge resource container is improved based on a grading and domain division sharing mechanism, and the data safety is improved. By integrating the edge resources, the efficiency of system configuration after the user downloads is improved.
In one embodiment, the pending edge resources include: one or more of an edge gateway module, an edge cloud module, a log management module and a safety control module are combined;
the edge gateway module is used for realizing the data communication function of edge calculation;
the edge cloud module is used for data acquisition, data management, data exchange and data source management;
the log management module is used for managing the operations of storing, analyzing, backing up and referring to the daily operation behavior record log;
the security control module is used for checking a source address, a destination address, a source port, a destination port and a protocol through an ACL detection mechanism so as to allow or reject data to enter and exit.
The working principle and the beneficial effects of the technical scheme are as follows:
the edge computing is realized according to the edge gateway module, the edge cloud module, the log management module and the safety control module, and after containerization integration, rapid deployment in a new operating environment is realized.
In one embodiment, integrating edge resources to be processed based on a preset lightweight container template to obtain an edge resource container includes:
verifying the integrity of the edge resource to be processed;
when the verification passes, integrating based on the lightweight container template;
and when the verification fails, outputting the type information of the missing resource.
The working principle and the beneficial effects of the technical scheme are as follows:
when containerization integration is carried out, firstly, integrity is verified, and the requirement of edge calculation can be met after containerization integration is ensured; during integration, integration is mainly carried out on the basis of a lightweight container template, so that rapid integration is realized; and when the integrity verification fails, outputting the type information of the missing resources, and completing by the provider of the edge resources to be processed, or completing according to the edge resources to be processed from a preset resource library.
In one embodiment, configuring a hierarchical domain sharing rule for an edge resource container includes:
setting sharing times for the edge resource container;
and/or the presence of a gas in the gas,
setting a sharing area for the edge resource container;
and/or the presence of a gas in the gas,
and setting sharing authority for the edge resource container.
The working principle and the beneficial effects of the technical scheme are as follows:
the sharing rules include: the sharing times, the sharing areas, the sharing authority levels and the like are based on the sharing times, namely the sharing times are reduced by one every time the edge resource containers are downloaded, and when the sharing times return to zero, the sharing of the edge resource containers is cancelled. The user can download the edge resource container only in the range of the shared area; and the user can download the file only when the authority level of the user meets the sharing authority.
In one embodiment, the edge resource lightweight containerization integration and hierarchical domain sharing system further comprises: the shared monitoring module is used for monitoring the operation of the mobile phone,
the shared monitoring module performs the following operations:
acquiring a shared information record of an edge resource container;
determining an available value of the edge resource container based on the shared information record;
when the available value is smaller than a preset threshold value, the sharing of the edge resource container is cancelled;
wherein determining available values for the edge resource container based on the shared information record comprises:
analyzing the shared information record, acquiring the downloading times of the edge resource container in a preset first time period, and acquiring a target user for downloading the edge resource container;
sending a usage information query to a target user;
receiving feedback information of a target user for using information query;
analyzing the feedback information to obtain the use data of the edge resource container; the usage data includes: length of use, is now in use, has unloaded one or more combinations thereof;
identifying the use data of the target users based on a preset use data identification model, and acquiring data values corresponding to the use data of each target user;
constructing a use matrix of the edge resource container based on the data values of all the target users;
determining a first correlation value based on the usage matrix and the download times, wherein the calculation formula is as follows:
wherein A is a first correlation value; a. the0The number of downloads; a isiIs the ith data value in the use matrix;
the preset credit weight of the target user corresponding to the ith data value in the use matrix; theta1、θ2Is a preset weight coefficient; n is the total number of data in the assignment matrix;
analyzing the shared information record to obtain the evaluation of the target user on the edge resource container;
identifying the evaluation of the target user on the edge resource container based on a preset evaluation identification model, and acquiring an evaluation value;
verifying the evaluation value based on the usage data; deleting the evaluation value when the verification fails;
constructing an evaluation matrix based on all verified evaluation values;
determining a second correlation value based on the evaluation matrix, wherein the calculation formula is as follows:
wherein B is a second correlation value, BjEvaluating the jth evaluation value in the matrix;
the preset credit weight of the target user corresponding to the jth evaluation value in the evaluation matrix is obtained; n is the total number of data in the evaluation matrix;
determining an available value based on the first correlation value and the second correlation value, and calculating as follows:
K=μ1A+μ2B;
wherein K is a usable value; mu.s1、μ2Is a preset weight, mu1+μ2=1。
The working principle and the beneficial effects of the technical scheme are as follows:
and in the sharing process of the edge resource container, tracking and monitoring the shared information record, and determining the available value of the edge resource container based on the shared information record so as to determine whether to continue sharing. And by eliminating the containers with smaller available values, the shared resources are released, and the optimization of the resources is realized. Starting from two aspects in determining the available value of the edge resource container, wherein the first aspect is starting from the conditions of downloading and using the edge resource container after downloading; the second aspect is feedback of the user to use the edge resource container, the first aspect is analysis from objective factors, and the second aspect is analysis from subjective factors; the subjective and objective factors are combined, and the evaluation on the edge resource container is more accurate.
In one embodiment, verifying the evaluation value based on the usage data includes:
acquiring a preset verification library; the first vectors in the verification library correspond to the verification matrixes one by one;
constructing a second vector based on the usage data;
and calculating the matching degree of the first vector and the second vector, wherein the calculation formula is as follows:
wherein P is the degree of matching, xkIs the kth parameter value of the first vector; y iskIs the kth parameter value of the second vector; m is the total number of data in the first vector or the total number of data in the second vector;
acquiring a verification matrix corresponding to the maximum matching value in a verification library;
when the evaluation value exists in the verification matrix, the verification is passed; when the evaluation value does not exist with the verification matrix, the verification is not passed.
The working principle and the beneficial effects of the technical scheme are as follows:
the use data can reflect the evaluation of the user to a certain extent, and the use data is used for evaluation value verification, so that the situation that the user uses the edge resource container all the time and gives relatively poor evaluation while giving evaluation and evaluation inconsistent with the use data can be avoided, and the accuracy of evaluation on the edge resource container from a subjective level is improved.
In one embodiment, the edge resource lightweight containerization integration and hierarchical domain sharing system further comprises: a cross-domain sharing module;
the cross-domain sharing module performs the following operations:
when a cross-level and cross-domain acquisition instruction of a user is received, acquiring a cross-level and cross-domain authority of the user;
verifying the cross-level and cross-domain authority, and acquiring a domain list which is allowed to be acquired by a user when the verification is passed;
providing a sharing service for the user based on the domain list;
wherein, verifying the cross-level and cross-domain authority comprises:
sending inquiry instructions to other users in the domain where the users are located;
receiving response information of other users to the inquiry instruction; the response information comprises the authority verification information of the user pre-stored on the equipment of other users;
analyzing the response information to obtain authority verification information;
and when the authority verification information of all other users is consistent, verifying the cross-level and cross-domain authority based on the authority verification information.
The working principle and the beneficial effects of the technical scheme are as follows:
by setting the cross-level cross-domain authority, the cross-domain sharing is realized for the supplement of the grading and domain-division sharing; the acquisition of cross-level and cross-domain rights can be allocated by the system, for example, once a month; or, the user initiates a cross-level and cross-domain application in the domain where the user is located, and whether the user gives a cross-level and cross-domain authority is determined by voting of other users. After the application, the cross-level and cross-domain authority needs to be verified, so that the authority tampering is prevented, the difficulty of the authority tampering is increased based on the verification of all the users in the domain, and the safety of the authority is improved.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include such modifications and variations.
Claims (10)
1. A method for lightweight containerization integration and hierarchical domain sharing of edge resources is characterized by comprising the following steps:
acquiring edge resources to be processed;
integrating the edge resources to be processed based on a preset lightweight container template to obtain an edge resource container;
and configuring a hierarchical domain sharing rule for the edge resource container.
2. The method for lightweight containerized integration of edge resources and hierarchical domain sharing of claim 1, wherein the edge resources to be processed comprise: one or more of an edge gateway module, an edge cloud module, a log management module and a safety control module are combined;
the edge gateway module is used for realizing the data communication function of edge calculation;
the edge cloud module is used for data acquisition, data management, data exchange and data source management;
the log management module is used for managing the operations of storing, analyzing, backing up and referring to the daily operation behavior record log;
the security control module is used for checking a source address, a destination address, a source port, a destination port and a protocol through an ACL detection mechanism so as to allow or reject data to enter and exit.
3. The edge resource lightweight containerization integration and hierarchical domain sharing method of claim 1, wherein the integrating the edge resources to be processed based on a preset lightweight container template to obtain an edge resource container comprises:
verifying the integrity of the edge resource to be processed;
when the verification passes, integrating based on the lightweight container template;
and when the verification fails, outputting the type information of the missing resource.
4. The method for lightweight container integration and hierarchical domain sharing of edge resources according to claim 1, wherein said configuring the hierarchical domain sharing rules for the edge resource container comprises:
setting sharing times for the edge resource container;
and/or the presence of a gas in the gas,
setting a shared area for the edge resource container;
and/or the presence of a gas in the gas,
and setting sharing permission for the edge resource container.
5. The edge resource lightweight containerization integration and hierarchical domain sharing method of claim 1, further comprising:
acquiring a shared information record of the edge resource container;
determining an available value of the edge resource container based on the shared information record;
when the available value is smaller than a preset threshold value, cancelling the sharing of the edge resource container;
wherein determining an available value of the edge resource container based on the shared information record comprises:
analyzing the shared information record, acquiring the downloading times of the edge resource container in a preset first time period, and acquiring a target user downloading the edge resource container;
sending a usage information query to the target user;
receiving feedback information of the target user for the use information query;
analyzing the feedback information to obtain the use data of the edge resource container; the usage data includes: length of use, is now in use, has unloaded one or more combinations thereof;
identifying the use data of the target users based on a preset use data identification model, and acquiring data values corresponding to the use data of the target users;
constructing a use matrix of the edge resource container based on all the data values of the target users;
determining a first correlation value based on the usage matrix and the download times, wherein the calculation formula is as follows:
wherein A is the first correlation value; a. the0The number of downloads is the number of times; a isiIs the ith data value in the use matrix;
the preset credit weight of the target user corresponding to the ith data value in the use matrix is obtained; theta1、θ2Is a preset weight coefficient; n is the total number of data in the assignment matrix;
analyzing the shared information record to obtain the evaluation of the target user on the edge resource container;
identifying the evaluation of the target user on the edge resource container based on a preset evaluation identification model, and acquiring an evaluation value;
verifying the evaluation value based on the usage data; deleting the evaluation value when the verification fails;
constructing an evaluation matrix based on all the evaluation values passing the verification;
determining a second correlation value based on the evaluation matrix, wherein the calculation formula is as follows:
wherein B is the second correlation value, BjThe jth evaluation value in the evaluation matrix;
the preset credit weight of the target user corresponding to the jth evaluation value in the evaluation matrix is obtained; n is the total number of data in the evaluation matrix;
determining the available value based on the first correlation value and the second correlation value, the calculation formula being as follows:
K=μ1A+μ2B;
wherein K is the usable value; mu.s1、μ2Is a preset weight, mu1+μ2=1。
6. The edge resource lightweight containerization integration and hierarchical domain sharing method of claim 5, wherein the verifying the rating value based on the usage data comprises:
acquiring a preset verification library; the first vectors in the verification library correspond to the verification matrixes one by one;
constructing a second vector based on the usage data;
calculating the matching degree of the first vector and the second vector, wherein the calculation formula is as follows:
wherein P is the matching degree, xkIs the kth parameter value of the first vector; y iskIs the kth parameter value of the second vector; m is the total number of data in the first vector or the total number of data in the second vector;
acquiring the verification matrix corresponding to the maximum matching value in the verification library;
when the evaluation value exists in the verification matrix, the verification is passed; when the evaluation value does not exist with the verification matrix, the verification is not passed.
7. The edge resource lightweight containerization integration and hierarchical domain sharing method of claim 1, further comprising:
when a cross-level and cross-domain acquisition instruction of a user is received, acquiring a cross-level and cross-domain authority of the user;
verifying the cross-level and cross-domain authority, and acquiring a domain list which is allowed to be acquired by a user when the verification is passed;
providing a sharing service for the user based on the domain list;
wherein, verifying the cross-level and cross-domain authority comprises:
sending inquiry instructions to other users in the domain where the users are located;
receiving response information of the other users to the inquiry instruction; the response information comprises the authority verification information of the user pre-stored on the equipment of other users;
analyzing the response information to obtain the authority verification information;
and when the authority verification information of all the other users is consistent, verifying the cross-level and cross-domain authority based on the authority verification information.
8. An edge resource lightweight containerization integration and hierarchical domain sharing system, comprising:
the acquisition module is used for acquiring edge resources to be processed;
the integration module is used for integrating the edge resources to be processed based on a preset lightweight container template to obtain an edge resource container;
and the configuration module is used for configuring a hierarchical domain sharing rule for the edge resource container.
9. The edge resource lightweight containerized integration and hierarchical domain sharing system of claim 8, wherein the pending edge resource comprises: one or more of an edge gateway module, an edge cloud module, a log management module and a safety control module are combined;
the edge gateway module is used for realizing the data communication function of edge calculation;
the edge cloud module is used for data acquisition, data management, data exchange and data source management;
the log management module is used for managing the operations of storing, analyzing, backing up and referring to the daily operation behavior record log;
the security control module is used for checking a source address, a destination address, a source port, a destination port and a protocol through an ACL detection mechanism so as to allow or reject data to enter and exit.
10. The edge resource lightweight containerization integration and hierarchical domain sharing system of claim 8, wherein the integrating the edge resources to be processed based on a preset lightweight container template to obtain an edge resource container comprises:
verifying the integrity of the edge resource to be processed;
when the verification passes, integrating based on the lightweight container template;
and when the verification fails, outputting the type information of the missing resource.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110322260.0A CN113162985B (en) | 2021-03-25 | 2021-03-25 | Edge resource lightweight containerization integration and hierarchical domain sharing method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110322260.0A CN113162985B (en) | 2021-03-25 | 2021-03-25 | Edge resource lightweight containerization integration and hierarchical domain sharing method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113162985A true CN113162985A (en) | 2021-07-23 |
| CN113162985B CN113162985B (en) | 2022-11-25 |
Family
ID=76884961
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110322260.0A Active CN113162985B (en) | 2021-03-25 | 2021-03-25 | Edge resource lightweight containerization integration and hierarchical domain sharing method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113162985B (en) |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107231336A (en) * | 2016-03-25 | 2017-10-03 | 中兴通讯股份有限公司 | A kind of access control method, device and the gateway device of LAN Intranet resource |
| WO2018126387A1 (en) * | 2017-01-05 | 2018-07-12 | 深圳市前海中康汇融信息技术有限公司 | Database sharing management system |
| CN110737442A (en) * | 2019-09-24 | 2020-01-31 | 厦门网宿有限公司 | edge application management method and system |
| CN110838939A (en) * | 2019-10-11 | 2020-02-25 | 许继集团有限公司 | Scheduling method based on lightweight container and edge Internet of things management platform |
| WO2020207264A1 (en) * | 2019-04-08 | 2020-10-15 | 阿里巴巴集团控股有限公司 | Network system, service provision and resource scheduling method, device, and storage medium |
| US20210004274A1 (en) * | 2019-07-03 | 2021-01-07 | Telia Company Ab | Method and a device comprising an edge cloud agent for providing a service |
| WO2021011308A1 (en) * | 2019-07-18 | 2021-01-21 | Equifax Inc. | Secure resource management to prevent fraudulent resource access |
-
2021
- 2021-03-25 CN CN202110322260.0A patent/CN113162985B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107231336A (en) * | 2016-03-25 | 2017-10-03 | 中兴通讯股份有限公司 | A kind of access control method, device and the gateway device of LAN Intranet resource |
| WO2018126387A1 (en) * | 2017-01-05 | 2018-07-12 | 深圳市前海中康汇融信息技术有限公司 | Database sharing management system |
| WO2020207264A1 (en) * | 2019-04-08 | 2020-10-15 | 阿里巴巴集团控股有限公司 | Network system, service provision and resource scheduling method, device, and storage medium |
| US20210004274A1 (en) * | 2019-07-03 | 2021-01-07 | Telia Company Ab | Method and a device comprising an edge cloud agent for providing a service |
| WO2021011308A1 (en) * | 2019-07-18 | 2021-01-21 | Equifax Inc. | Secure resource management to prevent fraudulent resource access |
| CN110737442A (en) * | 2019-09-24 | 2020-01-31 | 厦门网宿有限公司 | edge application management method and system |
| CN110838939A (en) * | 2019-10-11 | 2020-02-25 | 许继集团有限公司 | Scheduling method based on lightweight container and edge Internet of things management platform |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113162985B (en) | 2022-11-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Rathee et al. | A secure communicating things network framework for industrial IoT using blockchain technology | |
| CN116938558A (en) | Computer implemented method for providing access to each node of a network and core network access system | |
| US20210084109A1 (en) | Content management system | |
| CN103875003A (en) | System and method for whitelisting applications in a mobile network environment | |
| CN108874638B (en) | Intelligent cloud management based on portrait information | |
| CN104221024A (en) | Unified scan engine | |
| CN114363352B (en) | Cross-chain interaction method of Internet of things system based on block chain | |
| US20210382986A1 (en) | Dynamic, Runtime Application Programming Interface Parameter Labeling, Flow Parameter Tracking and Security Policy Enforcement | |
| US10192262B2 (en) | System for periodically updating backings for resource requests | |
| CN110163739A (en) | Pay complaint method, device, server and readable storage medium storing program for executing | |
| US20240037570A1 (en) | Method for managing, evaluating and improving identity governance and administration | |
| CN112115507B (en) | Cloud service interaction method and big data platform based on cloud computing and information digitization | |
| US11552985B2 (en) | Method for predicting events using a joint representation of different feature types | |
| CN113162985B (en) | Edge resource lightweight containerization integration and hierarchical domain sharing method and system | |
| CN112653697A (en) | Access request processing method based on cloud computing and block chain and cloud service center | |
| Bala et al. | Transparent subsidized agri‐product distribution during pandemics with reputation based PoA blockchain | |
| CN115242433B (en) | Data processing method, system, electronic device and computer readable storage medium | |
| CN105376265A (en) | Use method and use device of network exhaustible resource | |
| CN114969832A (en) | Private data management method and system based on server-free architecture | |
| Sacanamboy et al. | Combined performance and risk analysis for border management applications | |
| Artych et al. | Security constraints for placement of latency sensitive 5G MEC applications | |
| GLAVAN et al. | Multi-access edge computing analysis of risks and security measures | |
| CN111489175A (en) | Online identity authentication method, device, system and storage medium | |
| Liu et al. | BGRA: A reference architecture for blockchain governance | |
| US11861015B1 (en) | Risk scoring system for vulnerability mitigation |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |