CN113162985B - Edge resource lightweight containerization integration and hierarchical domain sharing method and system - Google Patents
Edge resource lightweight containerization integration and hierarchical domain sharing method and system Download PDFInfo
- Publication number
- CN113162985B CN113162985B CN202110322260.0A CN202110322260A CN113162985B CN 113162985 B CN113162985 B CN 113162985B CN 202110322260 A CN202110322260 A CN 202110322260A CN 113162985 B CN113162985 B CN 113162985B
- Authority
- CN
- China
- Prior art keywords
- edge
- data
- edge resource
- evaluation
- value
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 230000010354 integration Effects 0.000 title claims abstract description 40
- 238000000034 method Methods 0.000 title claims abstract description 22
- 230000007246 mechanism Effects 0.000 claims abstract description 10
- 238000011156 evaluation Methods 0.000 claims description 94
- 238000012795 verification Methods 0.000 claims description 83
- 239000011159 matrix material Substances 0.000 claims description 62
- 239000013598 vector Substances 0.000 claims description 33
- 238000004364 calculation method Methods 0.000 claims description 27
- 238000007726 management method Methods 0.000 claims description 20
- 230000004044 response Effects 0.000 claims description 12
- 238000012544 monitoring process Methods 0.000 claims description 7
- 238000004891 communication Methods 0.000 claims description 6
- 238000013523 data management Methods 0.000 claims description 6
- 238000001514 detection method Methods 0.000 claims description 6
- 230000009286 beneficial effect Effects 0.000 description 14
- 238000004458 analytical method Methods 0.000 description 4
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 238000005457 optimization Methods 0.000 description 3
- 230000008569 process Effects 0.000 description 2
- 239000013589 supplement Substances 0.000 description 2
- 238000010276 construction Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 238000003860 storage Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/18—File system types
- G06F16/1805—Append-only file systems, e.g. using logs or journals to store data
- G06F16/1815—Journaling file systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Theoretical Computer Science (AREA)
- Signal Processing (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Computer Security & Cryptography (AREA)
- Data Mining & Analysis (AREA)
- Databases & Information Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention provides a method and a system for edge resource lightweight containerized integration and hierarchical domain sharing, wherein the method comprises the following steps: acquiring edge resources to be processed; integrating edge resources to be processed based on a preset lightweight container template to obtain an edge resource container; and configuring a hierarchical domain sharing rule for the edge resource container. The lightweight containerization integration and hierarchical domain sharing method for the edge resources improves the control strength of the access of the edge resources through a hierarchical domain sharing mechanism, and improves the efficiency of deploying the edge resources through containerization.
Description
Technical Field
The invention relates to the technical field of data processing and sharing, in particular to a lightweight container integration and hierarchical domain sharing method and system for edge resources.
Background
At present, edge computing is to construct a distributed open system fusing network, computing, storage and application core capabilities on the network edge side close to an object or a data source, so as to provide intelligent services nearby and meet key requirements of manufacturing industry in aspects of agile connection, real-time service, data optimization, application intelligence, safety, privacy protection and the like.
With the continuous improvement of the informatization construction level, the operation and maintenance environment is increasingly complex, so that how to strengthen the access control strength on the edge resources of the user on the premise of ensuring that the original edge calculation is not influenced becomes a problem to be solved urgently.
Disclosure of Invention
One of the objectives of the present invention is to provide a lightweight containerization integration and hierarchical domain sharing method for edge resources, which improves the control strength of access to the edge resources through a hierarchical domain sharing mechanism, and improves the efficiency of deploying the edge resources through containerization.
The embodiment of the invention provides a lightweight containerization integration and hierarchical domain sharing method for edge resources, which comprises the following steps:
acquiring edge resources to be processed;
integrating edge resources to be processed based on a preset lightweight container template to obtain an edge resource container;
and configuring a hierarchical domain sharing rule for the edge resource container.
Preferably, the edge resource to be processed includes: one or more of an edge gateway module, an edge cloud module, a log management module and a safety control module are combined;
the edge gateway module is used for realizing the data communication function of edge calculation;
the edge cloud module is used for data acquisition, data management, data exchange and data source management;
the log management module is used for managing the operations of storing, analyzing, backing up and referring to the daily operation behavior record log;
the security control module is used for checking a source address, a destination address, a source port, a destination port and a protocol through an ACL detection mechanism so as to allow or deny data to enter or exit.
Preferably, integrating the edge resource to be processed based on a preset lightweight container template to obtain the edge resource container includes:
verifying the integrity of the edge resource to be processed;
when the verification passes, integrating based on the lightweight container template;
and when the verification fails, outputting the type information of the missing resource.
Preferably, the configuring the hierarchical domain sharing rule for the edge resource container includes:
setting sharing times for the edge resource container;
and/or the presence of a gas in the gas,
setting a sharing area for the edge resource container;
and/or the presence of a gas in the gas,
and setting sharing authority for the edge resource container.
Preferably, the method for lightweight containerization integration and hierarchical domain sharing of edge resources further includes:
acquiring a shared information record of an edge resource container;
determining an available value of the edge resource container based on the shared information record;
when the available value is smaller than a preset threshold value, the sharing of the edge resource container is cancelled;
wherein determining available values for the edge resource containers based on the shared information records comprises:
analyzing the shared information record, acquiring the downloading times of the edge resource container in a preset first time period, and acquiring a target user for downloading the edge resource container;
sending a usage information query to a target user;
receiving feedback information of a target user for using information query;
analyzing the feedback information to obtain the use data of the edge resource container; the usage data includes: length of use, is now in use, has unloaded one or more combinations thereof;
identifying the use data of the target users based on a preset use data identification model, and acquiring data values corresponding to the use data of each target user;
constructing a use matrix of the edge resource container based on the data values of all the target users;
determining a first correlation value based on the usage matrix and the download times, wherein the calculation formula is as follows:
wherein A is a first correlation value; a. The 0 The number of downloads; a is i The ith data value in the matrix is used;the preset credit weight of the target user corresponding to the ith data value in the use matrix; theta 1 、θ 2 Is a preset weight coefficient; n is the total number of data in the use matrix;
analyzing the shared information record to obtain the evaluation of the target user on the edge resource container;
identifying the evaluation of the target user on the edge resource container based on a preset evaluation identification model, and acquiring an evaluation value;
verifying the evaluation value based on the usage data; deleting the evaluation value when the verification fails;
constructing an evaluation matrix based on all the evaluation values passing the verification;
determining a second correlation value based on the evaluation matrix, wherein the calculation formula is as follows:
wherein B is a second correlation value, B j Is the jth evaluation value in the evaluation matrix;the preset credit weight of the target user corresponding to the jth evaluation value in the evaluation matrix is obtained; n is the total number of data in the evaluation matrix;
determining an available value based on the first correlation value and the second correlation value, and calculating as follows:
K=μ 1 A+μ 2 B;
wherein K is a usable value; mu.s 1 、μ 2 Is a preset weight, mu 1 +μ 2 =1。
Preferably, verifying the evaluation value based on the usage data includes:
acquiring a preset verification library; the first vectors in the verification library correspond to the verification matrixes one by one;
constructing a second vector based on the usage data;
and calculating the matching degree of the first vector and the second vector, wherein the calculation formula is as follows:
wherein P is the degree of matching, x k Is the kth parameter value of the first vector; y is k Is the kth parameter value of the second vector; m is the total number of data in the first vector or the total number of data in the second vector;
acquiring a verification matrix corresponding to the maximum matching degree in a verification library;
when the evaluation value exists in the verification matrix, the verification is passed; when the evaluation value does not exist with the verification matrix, the verification is not passed.
Preferably, the method for integrating edge resource lightweight containerization and sharing hierarchical domains further includes:
when a cross-level and cross-domain obtaining instruction of a user is received, obtaining a cross-level and cross-domain authority of the user;
verifying the cross-level and cross-domain authority, and acquiring a domain list which is allowed to be acquired by a user when the verification is passed;
providing a sharing service for the user based on the domain list;
wherein, verifying the cross-level and cross-domain authority comprises:
sending inquiry instructions to other users in the domain where the users are located;
receiving response information of other users to the inquiry instruction; the response information comprises the authority verification information of the user pre-stored on the equipment of other users;
analyzing the response information to obtain authority verification information;
and when the authority verification information of all other users is consistent, verifying the cross-level and cross-domain authority based on the authority verification information.
The invention also provides a lightweight containerization integration and hierarchical domain sharing system for edge resources, which comprises:
the acquisition module is used for acquiring edge resources to be processed;
the integration module is used for integrating the edge resources to be processed based on a preset lightweight container template to obtain an edge resource container;
and the configuration module is used for configuring a hierarchical domain sharing rule for the edge resource container.
Preferably, the edge resource to be processed includes: one or more of an edge gateway module, an edge cloud module, a log management module and a safety control module are combined;
the edge gateway module is used for realizing the data communication function of edge calculation;
the edge cloud module is used for data acquisition, data management, data exchange and data source management;
the log management module is used for managing the operations of storing, analyzing, backing up and referring to the daily operation behavior record log;
the security control module is used for checking a source address, a destination address, a source port, a destination port and a protocol through an ACL detection mechanism so as to allow or deny data to enter or exit.
Preferably, integrating the edge resource to be processed based on a preset lightweight container template to obtain the edge resource container includes:
verifying the integrity of the edge resource to be processed;
when the verification passes, integrating based on the lightweight container template;
and when the verification fails, outputting the type information of the missing resource.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
The technical solution of the present invention is further described in detail by the accompanying drawings and embodiments.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention. In the drawings:
fig. 1 is a schematic diagram of an edge resource lightweight containerization integration and hierarchical domain sharing method according to an embodiment of the present invention.
Detailed Description
The preferred embodiments of the present invention will be described in conjunction with the accompanying drawings, and it will be understood that they are described herein for the purpose of illustration and explanation and not limitation.
The embodiment of the invention provides a method for edge resource lightweight containerization integration and hierarchical domain sharing, which comprises the following steps of:
step S1: acquiring edge resources to be processed;
step S2: integrating edge resources to be processed based on a preset lightweight container template to obtain an edge resource container;
and step S3: and configuring a hierarchical domain sharing rule for the edge resource container.
The working principle and the beneficial effects of the technical scheme are as follows:
the edge resource is subjected to lightweight containerization to form an edge resource container, namely, various module files used by the edge resource are integrated, and the integration can be specifically expressed as mirror image files of the edge resource container, and then a hierarchical domain sharing rule is configured, so that the edge resource container can be shared in the hierarchy and the domains where the edge resource to be processed is located; users in the same classification and domain can obtain the edge resource container, the security of the edge resource container is improved based on a classification and domain sharing mechanism, and the data security is improved. By integrating the edge resources, the efficiency of system configuration after the user downloads is improved.
In one embodiment, the pending edge resources include: one or more of an edge gateway module, an edge cloud module, a log management module and a safety control module are combined;
the edge gateway module is used for realizing the data communication function of edge calculation;
the edge cloud module is used for data acquisition, data management, data exchange and data source management;
the log management module is used for managing the operations of storing, analyzing, backing up and referring to the daily operation behavior record log;
the security control module is used for checking a source address, a destination address, a source port, a destination port and a protocol through an ACL detection mechanism so as to allow or reject data to enter and exit.
The working principle and the beneficial effects of the technical scheme are as follows:
the edge computing is realized according to the edge gateway module, the edge cloud module, the log management module and the safety control module, and after containerization integration, rapid deployment in a new operating environment is realized.
In one embodiment, integrating edge resources to be processed based on a preset lightweight container template to obtain an edge resource container includes:
verifying the integrity of the edge resource to be processed;
when the verification passes, integrating based on the lightweight container template;
and when the verification fails, outputting the type information of the missing resource.
The working principle and the beneficial effects of the technical scheme are as follows:
when containerization integration is carried out, firstly, integrity is verified, and the requirement of edge calculation can be met after containerization integration is ensured; during integration, integration is mainly carried out on the basis of a lightweight container template, so that rapid integration is realized; and when the integrity verification fails, outputting the type information of the missing resources, and completing by the provider of the edge resources to be processed, or completing according to the edge resources to be processed from a preset resource library.
In one embodiment, configuring a hierarchical domain sharing rule for an edge resource container includes:
setting sharing times for the edge resource container;
and/or the presence of a gas in the atmosphere,
setting a sharing area for the edge resource container;
and/or the presence of a gas in the gas,
and setting sharing authority for the edge resource container.
The working principle and the beneficial effects of the technical scheme are as follows:
the sharing rules include: the sharing times, the sharing areas, the sharing authority levels and the like are based on the sharing times, namely the sharing times are reduced by one every time the edge resource container is downloaded, and when the sharing times are zero, the sharing of the edge resource container is cancelled. The user can download the edge resource container only in the range of the shared area; and the user can download the file only when the authority level of the user meets the sharing authority.
In one embodiment, the method for integrating edge resource lightweight containerization and sharing hierarchical domains further comprises the following steps:
acquiring a shared information record of an edge resource container;
determining an available value of the edge resource container based on the shared information record;
when the available value is smaller than a preset threshold value, the sharing of the edge resource container is cancelled;
wherein determining available values for the edge resource container based on the shared information record comprises:
analyzing the shared information record, acquiring the downloading times of the edge resource container in a preset first time period, and acquiring a target user for downloading the edge resource container;
sending a usage information query to a target user;
receiving feedback information of a target user for using information query;
analyzing the feedback information to obtain the use data of the edge resource container; the usage data includes: length of use, is now in use, has unloaded one or more combinations thereof;
identifying the use data of the target users based on a preset use data identification model, and acquiring data values corresponding to the use data of each target user;
constructing a use matrix of the edge resource container based on the data values of all the target users;
determining a first correlation value based on the usage matrix and the download times, wherein the calculation formula is as follows:
wherein A is a first correlation value; a. The 0 The number of downloads; a is i Is the ith data value in the use matrix;the preset credit weight of the target user corresponding to the ith data value in the use matrix; theta.theta. 1 、θ 2 Is preset toThe weight coefficient of (a); n is the total number of data in the use matrix;
analyzing the shared information record to obtain the evaluation of the target user on the edge resource container;
identifying the evaluation of the target user on the edge resource container based on a preset evaluation identification model, and acquiring an evaluation value;
verifying the evaluation value based on the usage data; deleting the evaluation value when the verification fails;
constructing an evaluation matrix based on all the evaluation values passing the verification;
determining a second correlation value based on the evaluation matrix, wherein the calculation formula is as follows:
wherein B is a second correlation value, B j Is the jth evaluation value in the evaluation matrix;the preset credit weight of the target user corresponding to the jth evaluation value in the evaluation matrix is obtained; n is the total number of data in the evaluation matrix;
determining an available value based on the first correlation value and the second correlation value, the calculation formula is as follows:
K=μ 1 A+μ 2 B;
wherein K is a usable value; mu.s 1 、μ 2 Is a preset weight, mu 1 +μ 2 =1。
The working principle and the beneficial effects of the technical scheme are as follows:
and in the sharing process of the edge resource container, tracking and monitoring the shared information record, and determining the available value of the edge resource container based on the shared information record so as to determine whether to continue sharing. And by eliminating the containers with smaller available values, the shared resources are released, and the optimization of the resources is realized. Starting from two aspects in determining the available value of the edge resource container, wherein the first aspect is starting from the conditions of downloading and using the edge resource container after downloading; the second aspect is feedback of the user for using the edge resource container, the first aspect is analysis from an objective factor, and the second aspect is analysis from a subjective factor; the subjective and objective factors are combined, and the evaluation on the edge resource container is more accurate.
In one embodiment, verifying the evaluation value based on the usage data includes:
acquiring a preset verification library; the first vectors in the verification library correspond to the verification matrixes one by one;
constructing a second vector based on the usage data;
and calculating the matching degree of the first vector and the second vector, wherein the calculation formula is as follows:
wherein P is the degree of matching, x k Is the kth parameter value of the first vector; y is k Is the kth parameter value of the second vector; m is the total number of data in the first vector or the total number of data in the second vector;
acquiring a verification matrix corresponding to the maximum matching degree in a verification library;
when the evaluation value exists in the verification matrix, the verification is passed; when the evaluation value does not exist with the verification matrix, the verification is not passed.
The working principle and the beneficial effects of the technical scheme are as follows:
the use data can reflect the evaluation of the user to a certain extent, and the use data is used for evaluation value verification, so that the situation that the user uses the edge resource container all the time and gives relatively poor evaluation while avoiding and evaluation inconsistent with the use data can be avoided, and the accuracy of the evaluation of the edge resource container from the subjective aspect is improved.
In one embodiment, the method for lightweight containerization integration and hierarchical domain sharing of edge resources further comprises:
when a cross-level and cross-domain acquisition instruction of a user is received, acquiring a cross-level and cross-domain authority of the user;
verifying the cross-level and cross-domain authority, and acquiring a domain list which is allowed to be acquired by a user when the verification is passed;
providing a sharing service for the user based on the domain list;
wherein, verifying the cross-level and cross-domain authority comprises:
sending inquiry instructions to other users in the domain where the users are located;
receiving response information of other users to the inquiry command; the response information comprises the authority verification information of the user pre-stored on the equipment of other users;
analyzing the response information to obtain authority verification information;
and when the authority verification information of all other users is consistent, verifying the cross-level and cross-domain authority based on the authority verification information.
The working principle and the beneficial effects of the technical scheme are as follows:
by setting the cross-level cross-domain authority, the cross-domain sharing is realized for the supplement of the grading and domain-division sharing; the acquisition of cross-level and cross-domain rights can be allocated by the system, for example, once a month; or, the user initiates a cross-level cross-domain application in the domain where the user is located, and whether the user gives a cross-level cross-domain authority is determined by voting of other users. After the application, the cross-level and cross-domain authority needs to be verified, so that the authority tampering is prevented, the difficulty of the authority tampering is increased based on the verification of all the users in the domain, and the safety of the authority is improved.
The invention also provides a lightweight containerization integration and hierarchical domain sharing system for edge resources, which comprises:
the acquisition module is used for acquiring edge resources to be processed;
the integration module is used for integrating the edge resources to be processed based on a preset lightweight container template to obtain an edge resource container;
and the configuration module is used for configuring a hierarchical domain sharing rule for the edge resource container.
The working principle and the beneficial effects of the technical scheme are as follows:
the edge resource is subjected to lightweight containerization to form an edge resource container, namely, various module files used by the edge resource are integrated and can be specifically represented as mirror images of the edge resource container, and then a hierarchical domain sharing rule is configured, so that the edge resource container can be shared in the hierarchy and the domains where the edge resource to be processed is located; users in the same classification and domain can obtain the edge resource container, the security of the edge resource container is improved based on a classification and domain sharing mechanism, and the data security is improved. By integrating the edge resources, the efficiency of system configuration after the user downloads is improved.
In one embodiment, the pending edge resources include: one or more of an edge gateway module, an edge cloud module, a log management module and a safety control module are combined;
the edge gateway module is used for realizing the data communication function of edge calculation;
the edge cloud module is used for data acquisition, data management, data exchange and data source management;
the log management module is used for managing the operations of storing, analyzing, backing up and referring to the daily operation behavior record log;
the security control module is used for checking a source address, a destination address, a source port, a destination port and a protocol through an ACL detection mechanism so as to allow or reject data to enter and exit.
The working principle and the beneficial effects of the technical scheme are as follows:
the edge computing is realized according to the edge gateway module, the edge cloud module, the log management module and the safety control module, and after containerization integration, rapid deployment in a new operating environment is realized.
In one embodiment, integrating edge resources to be processed based on a preset lightweight container template to obtain an edge resource container includes:
verifying the integrity of the edge resource to be processed;
when the verification passes, integrating based on the lightweight container template;
and when the verification fails, outputting the type information of the missing resource.
The working principle and the beneficial effects of the technical scheme are as follows:
when containerization integration is carried out, firstly, integrity is verified, and the requirement of edge calculation can be met after containerization integration is ensured; during integration, integration is mainly carried out on the basis of a lightweight container template, so that rapid integration is realized; and when the integrity verification fails, outputting the type information of the missing resources, and completing by the provider of the edge resources to be processed, or completing according to the edge resources to be processed from a preset resource library.
In one embodiment, configuring a hierarchical domain sharing rule for an edge resource container includes:
setting sharing times for the edge resource container;
and/or the presence of a gas in the gas,
setting a shared area for the edge resource container;
and/or the presence of a gas in the atmosphere,
and setting sharing authority for the edge resource container.
The working principle and the beneficial effects of the technical scheme are as follows:
the sharing rules include: the sharing times, the sharing areas, the sharing authority levels and the like are based on the sharing times, namely the sharing times are reduced by one every time the edge resource containers are downloaded, and when the sharing times return to zero, the sharing of the edge resource containers is cancelled. The user can download the edge resource container only in the range of the shared area; and the user's permission level is in accordance with the sharing permission.
In one embodiment, the edge resource lightweight containerization integration and hierarchical domain sharing system further comprises: the monitoring module is shared by the two modules,
the shared monitoring module performs the following operations:
acquiring a shared information record of an edge resource container;
determining an available value of the edge resource container based on the shared information record;
when the available value is smaller than a preset threshold value, the sharing of the edge resource container is cancelled;
wherein determining available values for the edge resource container based on the shared information record comprises:
analyzing the shared information record, acquiring the downloading times of the edge resource container in a preset first time period, and acquiring a target user for downloading the edge resource container;
sending a usage information query to a target user;
receiving feedback information of a target user for using information query;
analyzing the feedback information to obtain the use data of the edge resource container; the usage data includes: length of use, is now in use, has unloaded one or more combinations thereof;
identifying the use data of the target users based on a preset use data identification model, and acquiring data values corresponding to the use data of each target user;
constructing a use matrix of the edge resource container based on the data values of all the target users;
determining a first correlation value based on the usage matrix and the download times, wherein the calculation formula is as follows:
wherein A is a first correlation value; a. The 0 The number of downloads; a is i The ith data value in the matrix is used;the preset credit weight of the target user corresponding to the ith data value in the use matrix; theta.theta. 1 、θ 2 Is a preset weight coefficient; n is the total number of data in the use matrix;
analyzing the shared information record to obtain the evaluation of the target user on the edge resource container;
identifying the evaluation of the target user on the edge resource container based on a preset evaluation identification model, and acquiring an evaluation value;
verifying the evaluation value based on the usage data; deleting the evaluation value when the verification fails;
constructing an evaluation matrix based on all verified evaluation values;
and determining a second correlation value based on the evaluation matrix, wherein the calculation formula is as follows:
wherein B is a second correlation value, B j Is the jth evaluation value in the evaluation matrix;the preset credit weight of the target user corresponding to the jth evaluation value in the evaluation matrix is obtained; n is the total number of data in the evaluation matrix;
determining an available value based on the first correlation value and the second correlation value, the calculation formula is as follows:
K=μ 1 A+μ 2 B;
wherein K is a usable value; mu.s 1 、μ 2 Is a preset weight, mu 1 +μ 2 =1。
The working principle and the beneficial effects of the technical scheme are as follows:
and in the process of sharing the edge resource container, tracking and monitoring the shared information record, and determining the available value of the edge resource container based on the shared information record so as to determine whether to continue sharing. And by eliminating the containers with smaller available values, the shared resources are released, and the optimization of the resources is realized. Starting from two aspects in determining the available value of the edge resource container, wherein the first aspect is starting from the conditions of downloading and using the edge resource container after downloading; the second aspect is feedback of the user to use the edge resource container, the first aspect is analysis from objective factors, and the second aspect is analysis from subjective factors; subjective factors and objective factors are integrated, and the evaluation on the edge resource container is more accurate.
In one embodiment, verifying the evaluation value based on the usage data includes:
acquiring a preset verification library; the first vectors in the verification library correspond to the verification matrixes one by one;
constructing a second vector based on the usage data;
and calculating the matching degree of the first vector and the second vector, wherein the calculation formula is as follows:
wherein P is the degree of matching, x k Is the kth parameter value of the first vector; y is k Is the kth parameter value of the second vector; m is the total number of data in the first vector or the total number of data in the second vector;
acquiring a verification matrix corresponding to the maximum matching degree in a verification library;
when the evaluation value exists in the verification matrix, the verification is passed; when the evaluation value does not exist with the verification matrix, the verification is not passed.
The working principle and the beneficial effects of the technical scheme are as follows:
the use data can reflect the evaluation of the user to a certain extent, and the use data is used for evaluation value verification, so that the situation that the user uses the edge resource container all the time and gives relatively poor evaluation while giving evaluation and evaluation inconsistent with the use data can be avoided, and the accuracy of evaluation on the edge resource container from a subjective level is improved.
In one embodiment, the edge resource lightweight containerization integration and hierarchical domain sharing system further comprises: a cross-domain sharing module;
the cross-domain sharing module performs the following operations:
when a cross-level and cross-domain acquisition instruction of a user is received, acquiring a cross-level and cross-domain authority of the user;
verifying the cross-level and cross-domain authority, and acquiring a domain list which is allowed to be acquired by a user when the verification is passed;
providing a sharing service for the user based on the domain list;
wherein, verifying the cross-level and cross-domain authority comprises:
sending inquiry instructions to other users in the domain where the users are located;
receiving response information of other users to the inquiry instruction; the response information comprises authority verification information of the user pre-stored on the equipment of other users;
analyzing the response information to obtain authority verification information;
and when the authority verification information of all other users is consistent, verifying the cross-level cross-domain authority based on the authority verification information.
The working principle and the beneficial effects of the technical scheme are as follows:
by setting the cross-level cross-domain authority, the cross-domain sharing is realized for the supplement of the grading and domain-division sharing; the acquisition of cross-level and cross-domain rights can be allocated by the system, for example, once a month; or, the user initiates a cross-level and cross-domain application in the domain where the user is located, and whether the user gives a cross-level and cross-domain authority is determined by voting of other users. After the application, the cross-level and cross-domain authority needs to be verified, so that the authority tampering is prevented, the difficulty of the authority tampering is increased based on the verification of all the users in the domain, and the safety of the authority is improved.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include such modifications and variations.
Claims (9)
1. A method for edge resource lightweight containerization integration and hierarchical domain sharing is characterized by comprising the following steps:
acquiring edge resources to be processed;
integrating the edge resources to be processed based on a preset lightweight container template to obtain an edge resource container;
configuring a hierarchical domain sharing rule for the edge resource container;
acquiring a shared information record of the edge resource container;
determining an available value of the edge resource container based on the shared information record;
when the available value is smaller than a preset threshold value, cancelling the sharing of the edge resource container;
wherein determining an available value of the edge resource container based on the shared information record comprises:
analyzing the shared information record, acquiring the downloading times of the edge resource container in a preset first time period, and acquiring a target user for downloading the edge resource container;
sending a usage information query to the target user;
receiving feedback information of the target user for the use information query;
analyzing the feedback information to obtain the use data of the edge resource container; the usage data includes: length of use, is now in use, has unloaded one or more combinations thereof;
identifying the use data of the target users based on a preset use data identification model, and acquiring data values corresponding to the use data of the target users;
constructing a use matrix of the edge resource container based on all the data values of the target users;
determining a first correlation value based on the usage matrix and the download times, wherein the calculation formula is as follows:
wherein,is the first correlation value;the number of downloads is the number of times;as the first in the usage matrixA data value;as the first in the usage matrixThe preset credit weight of the target user corresponding to the data value;、is a preset weight coefficient;the total number of data in the use matrix;
analyzing the shared information record to obtain the evaluation of the target user on the edge resource container;
identifying the evaluation of the target user on the edge resource container based on a preset evaluation identification model, and acquiring an evaluation value;
verifying the evaluation value based on the usage data; deleting the evaluation value when the verification fails;
constructing an evaluation matrix based on all the evaluation values passing the verification;
determining a second correlation value based on the evaluation matrix, wherein the calculation formula is as follows:
wherein,for the purpose of said second correlation value,is the first in the evaluation matrixThe evaluation value;is the first in the evaluation matrixThe preset credit weight of the target user corresponding to each evaluation value; n is the total number of data in the evaluation matrix;
determining the available value based on the first correlation value and the second correlation value, the calculation formula being as follows:
2. the method of lightweight containerized integration of edge resources and hierarchical domain sharing of claim 1 wherein the edge resources to be processed comprise: one or more of an edge gateway module, an edge cloud module, a log management module and a safety control module are combined;
the edge gateway module is used for realizing the data communication function of edge calculation;
the edge cloud module is used for data acquisition, data management, data exchange and data source management;
the log management module is used for managing the operations of storing, analyzing, backing up and referring to the daily operation behavior record log;
the security control module is used for checking a source address, a destination address, a source port, a destination port and a protocol through an ACL detection mechanism so as to allow or reject data to enter and exit.
3. The edge resource lightweight containerization integration and hierarchical domain sharing method of claim 1, wherein the integrating the edge resources to be processed based on a preset lightweight container template to obtain an edge resource container comprises:
verifying the integrity of the edge resource to be processed;
when the verification is passed, integrating based on the lightweight container template;
and when the verification fails, outputting the type information of the missing resource.
4. The method for lightweight container integration and hierarchical domain sharing of edge resources according to claim 1, wherein said configuring the hierarchical domain sharing rules for the edge resource container comprises:
setting sharing times for the edge resource container;
and/or the presence of a gas in the gas,
setting a shared area for the edge resource container;
and/or the presence of a gas in the gas,
and setting sharing permission for the edge resource container.
5. The edge resource lightweight containerization integration and hierarchical domain sharing method of claim 4, wherein the verifying the rating value based on the usage data comprises:
acquiring a preset verification library; the first vectors in the verification library correspond to the verification matrixes one by one;
constructing a second vector based on the usage data;
calculating the matching degree of the first vector and the second vector, wherein the calculation formula is as follows:
wherein,in order to be said degree of matching,is the first vector ofA parameter value;is the second vector of the second vectorA parameter value;is the total number of data in the first vector or the total number of data in the second vector;
acquiring the verification matrix corresponding to the maximum matching degree in the verification library;
when the evaluation value exists in the verification matrix, the verification is passed; when the evaluation value does not exist in the verification matrix, the verification is not passed.
6. The edge resource lightweight containerization integration and hierarchical domain sharing method of claim 1, further comprising:
when a cross-level and cross-domain acquisition instruction of a user is received, acquiring a cross-level and cross-domain authority of the user;
verifying the cross-level and cross-domain authority, and acquiring a domain list which is allowed to be acquired by a user when the verification is passed;
providing a sharing service for the user based on the domain list;
wherein, verifying the cross-level and cross-domain authority comprises:
sending inquiry instructions to other users in the domain where the users are located;
receiving response information of the other users to the query instruction; the response information comprises the authority verification information of the user pre-stored on the equipment of other users;
analyzing the response information to obtain the authority verification information;
and when the authority verification information of all the other users is consistent, verifying the cross-level and cross-domain authority based on the authority verification information.
7. An edge resource lightweight containerization integration and hierarchical domain sharing system, comprising:
the acquisition module is used for acquiring edge resources to be processed;
the integration module is used for integrating the edge resources to be processed based on a preset lightweight container template to obtain an edge resource container;
the configuration module is used for configuring a hierarchical domain sharing rule for the edge resource container;
the shared monitoring module is used for monitoring the operation of the mobile phone,
the shared monitoring module performs the following operations:
acquiring a shared information record of the edge resource container;
determining an available value of the edge resource container based on the shared information record;
when the available value is smaller than a preset threshold value, cancelling the sharing of the edge resource container;
wherein determining an available value of the edge resource container based on the shared information record comprises:
analyzing the shared information record, acquiring the downloading times of the edge resource container in a preset first time period, and acquiring a target user downloading the edge resource container;
sending a usage information query to the target user;
receiving feedback information of the target user for the usage information query;
analyzing the feedback information to obtain the use data of the edge resource container; the usage data includes: length of use, is now in use, has unloaded one or more combinations thereof;
identifying the use data of the target users based on a preset use data identification model, and acquiring data values corresponding to the use data of the target users;
constructing a use matrix of the edge resource container based on all the data values of the target users;
determining a first correlation value based on the usage matrix and the download times, wherein the calculation formula is as follows:
wherein,is the first correlation value;the number of downloads is the number of times;is the first in the usage matrixA data value;as the first in the usage matrixThe preset credit weight of the target user corresponding to the data value;、is a preset weight coefficient;the total number of data in the use matrix;
analyzing the shared information record to obtain the evaluation of the target user on the edge resource container;
identifying the evaluation of the target user on the edge resource container based on a preset evaluation identification model, and acquiring an evaluation value;
verifying the evaluation value based on the usage data; deleting the evaluation value when the verification fails;
constructing an evaluation matrix based on all the evaluation values passing the verification;
and determining a second correlation value based on the evaluation matrix, wherein the calculation formula is as follows:
wherein,in order to be said second correlation value, the correlation value,is the first in the evaluation matrixThe evaluation value;is the first in the evaluation matrixThe preset credit weight of the target user corresponding to each evaluation value; n is the total number of data in the evaluation matrix;
determining the available value based on the first correlation value and the second correlation value, the calculation formula is as follows:
8. the edge resource lightweight containerized integration and hierarchical domain sharing system of claim 7, wherein the pending edge resource comprises: one or more of an edge gateway module, an edge cloud module, a log management module and a safety control module are combined;
the edge gateway module is used for realizing the data communication function of edge calculation;
the edge cloud module is used for data acquisition, data management, data exchange and data source management;
the log management module is used for managing the operations of storing, analyzing, backing up and referring to the daily operation behavior record log;
the security control module is used for checking a source address, a destination address, a source port, a destination port and a protocol through an ACL detection mechanism so as to allow or deny data to enter or exit.
9. The edge resource lightweight containerization integration and hierarchical domain sharing system of claim 7, wherein the integrating the edge resources to be processed based on a preset lightweight container template to obtain an edge resource container comprises:
verifying the integrity of the edge resource to be processed;
when the verification passes, integrating based on the lightweight container template;
and when the verification fails, outputting the type information of the missing resource.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110322260.0A CN113162985B (en) | 2021-03-25 | 2021-03-25 | Edge resource lightweight containerization integration and hierarchical domain sharing method and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110322260.0A CN113162985B (en) | 2021-03-25 | 2021-03-25 | Edge resource lightweight containerization integration and hierarchical domain sharing method and system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN113162985A CN113162985A (en) | 2021-07-23 |
CN113162985B true CN113162985B (en) | 2022-11-25 |
Family
ID=76884961
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110322260.0A Active CN113162985B (en) | 2021-03-25 | 2021-03-25 | Edge resource lightweight containerization integration and hierarchical domain sharing method and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113162985B (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2018126387A1 (en) * | 2017-01-05 | 2018-07-12 | 深圳市前海中康汇融信息技术有限公司 | Database sharing management system |
WO2020207264A1 (en) * | 2019-04-08 | 2020-10-15 | 阿里巴巴集团控股有限公司 | Network system, service provision and resource scheduling method, device, and storage medium |
WO2021011308A1 (en) * | 2019-07-18 | 2021-01-21 | Equifax Inc. | Secure resource management to prevent fraudulent resource access |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107231336A (en) * | 2016-03-25 | 2017-10-03 | 中兴通讯股份有限公司 | A kind of access control method, device and the gateway device of LAN Intranet resource |
SE545262C2 (en) * | 2019-07-03 | 2023-06-13 | Telia Co Ab | A method and a device comprising an edge cloud agent for providing a service |
CN110737442B (en) * | 2019-09-24 | 2021-06-22 | 厦门网宿有限公司 | Edge application management method and system |
CN110838939B (en) * | 2019-10-11 | 2022-04-08 | 许继集团有限公司 | Scheduling method based on lightweight container and edge Internet of things management platform |
-
2021
- 2021-03-25 CN CN202110322260.0A patent/CN113162985B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2018126387A1 (en) * | 2017-01-05 | 2018-07-12 | 深圳市前海中康汇融信息技术有限公司 | Database sharing management system |
WO2020207264A1 (en) * | 2019-04-08 | 2020-10-15 | 阿里巴巴集团控股有限公司 | Network system, service provision and resource scheduling method, device, and storage medium |
WO2021011308A1 (en) * | 2019-07-18 | 2021-01-21 | Equifax Inc. | Secure resource management to prevent fraudulent resource access |
Also Published As
Publication number | Publication date |
---|---|
CN113162985A (en) | 2021-07-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Rathee et al. | A secure communicating things network framework for industrial IoT using blockchain technology | |
CN105763547B (en) | Third party's authorization method and third party's authoring system | |
CN116938558A (en) | Computer implemented method for providing access to each node of a network and core network access system | |
US20210084109A1 (en) | Content management system | |
CN114363352B (en) | Cross-chain interaction method of Internet of things system based on block chain | |
US11379591B2 (en) | Methods and devices for user authorization | |
US10192262B2 (en) | System for periodically updating backings for resource requests | |
Labib et al. | Trustworthiness in iot–a standards gap analysis on security, data protection and privacy | |
US10013237B2 (en) | Automated approval | |
US20240037570A1 (en) | Method for managing, evaluating and improving identity governance and administration | |
CN113162985B (en) | Edge resource lightweight containerization integration and hierarchical domain sharing method and system | |
Shaaban et al. | Toward applying the iec 62443 in the uas for secure civil applications | |
CN112653697A (en) | Access request processing method based on cloud computing and block chain and cloud service center | |
GLAVAN et al. | Multi-access edge computing analysis of risks and security measures | |
CN113051603A (en) | Cloud service interaction method combining cloud computing and information digitization and big data platform | |
CN115242433B (en) | Data processing method, system, electronic device and computer readable storage medium | |
CN116346432A (en) | Access control system, electronic equipment and storage medium of energy industry internet | |
US20240012921A1 (en) | Dynamic resolution and enforcement of data compliance | |
CN105376265A (en) | Use method and use device of network exhaustible resource | |
Sacanamboy et al. | Combined performance and risk analysis for border management applications | |
Artych et al. | Security constraints for placement of latency sensitive 5G MEC applications | |
Lobo et al. | On security policy migrations | |
Rashid et al. | Privacy awareness for IoT platforms: BRAIN-IoT approach | |
Wagner | Towards a Formal Model for Quantifying Trust in Distributed Usage Control Systems | |
US20240241970A1 (en) | Proximity-based data access control |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |