CN113795026B - Authentication security level and resource optimization method for computing unloading in edge computing network - Google Patents

Authentication security level and resource optimization method for computing unloading in edge computing network Download PDF

Info

Publication number
CN113795026B
CN113795026B CN202110883180.2A CN202110883180A CN113795026B CN 113795026 B CN113795026 B CN 113795026B CN 202110883180 A CN202110883180 A CN 202110883180A CN 113795026 B CN113795026 B CN 113795026B
Authority
CN
China
Prior art keywords
transmission rate
edge
data block
calculation frequency
security level
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110883180.2A
Other languages
Chinese (zh)
Other versions
CN113795026A (en
Inventor
裴庆祺
肖慧子
冯杰
刘雷
卫佳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xi'an Lianrong Technology Co ltd
Xidian University
Original Assignee
Xi'an Lianrong Technology Co ltd
Xidian University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xi'an Lianrong Technology Co ltd, Xidian University filed Critical Xi'an Lianrong Technology Co ltd
Priority to CN202110883180.2A priority Critical patent/CN113795026B/en
Publication of CN113795026A publication Critical patent/CN113795026A/en
Application granted granted Critical
Publication of CN113795026B publication Critical patent/CN113795026B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/50Allocation of resources, e.g. of the central processing unit [CPU]
    • G06F9/5061Partitioning or combining of resources
    • G06F9/5072Grid computing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/50Allocation of resources, e.g. of the central processing unit [CPU]
    • G06F9/5094Allocation of resources, e.g. of the central processing unit [CPU] where the allocation takes into account power or heat criteria
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2209/00Indexing scheme relating to G06F9/00
    • G06F2209/50Indexing scheme relating to G06F9/50
    • G06F2209/502Proximity
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2209/00Indexing scheme relating to G06F9/00
    • G06F2209/50Indexing scheme relating to G06F9/50
    • G06F2209/509Offload

Abstract

The invention belongs to the technical field of communication, and discloses an authentication security level and resource optimization method for computing offloading in an edge computing network, which comprises the following steps: initializing the edge calculation frequency and the number of data blocks of a Merkle signature tree, and setting the maximum iteration number and the maximum iteration precision; according to the edge calculation frequency and the data block number, obtaining an unloading indication and a transmission rate; obtaining an edge calculation frequency according to the unloading indication, the transmission rate and the number of the data blocks; calculating frequency according to the unloading indication, the transmission rate and the edge to obtain the number of data blocks; obtaining a target value according to the unloading indication, the transmission rate, the edge calculation frequency and the data block number; and determining whether to circulate according to the maximum iteration number and the target value precision to obtain the optimal unloading indication, the transmission rate, the edge calculation frequency and the data block quantity. The algorithm proposed by the present invention has significant performance advantages over other schemes and indeed provides a trade-off between time delay of computation offload and authentication security level in edge computing networks.

Description

Authentication security level and resource optimization method for computing unloading in edge computing network
Technical Field
The invention belongs to the technical field of communication, and particularly relates to an authentication security level and resource optimization method for computing offloading in an edge computing network.
Background
Currently, as the fifth generation (5G) technology enters the final commercial stage, the academic and industrial community are concerned about the development of the next generation wireless cellular network (6G). With the rapid development of hardware infrastructure, intelligent algorithms and communication technologies, intelligent terminals are widely deployed near users. Emerging applications and services such as autopilot, telemedicine, and augmented/virtual reality have gradually penetrated the everyday lives of the present invention. They bring about a multiplied traffic load and stringent service requirements (e.g., high reliability and delay sensitivity). Mobile devices with limited power consumption and computing power are not sufficient to support these services and applications. Therefore, mobile edge computing systems must become an important component of future 6G evolution, where some of the urgent tasks can be performed on edge servers that are close to the user.
The edge server assists the terminal to execute the task and involves calculation unloading, and is one of key technologies of the edge calculation system. It allocates some or all of the tasks to the edge servers to reduce execution delay, improve service reliability, and reduce power consumption of the restricted mobile device. There are some computing offload problems that are urgently needed to be solved in edge computing systems. Global resources should be evaluated, allocated, and optimized simultaneously when selecting the appropriate edge server to make the offloading decision. Data security issues are also particularly acute and difficult for complex, dynamic and coupled edge computing systems. Especially edge servers, inevitably collect more security and privacy information due to their unique network architecture close to the devices and users.
In the prior art, security can be expensive, which means additional costs. The safe implementation process has the necessary software and equipment cost, and also has the computing capacity, time delay and energy consumption. The signature abstract attached to the original data makes a transmission packet large and occupies idle bandwidth resources. It is clearly more reasonable to deploy different signature algorithms on different edge servers than if each edge server were equipped with all signature algorithms. The mobile device and the user comprehensively make a shunting decision according to the characteristics of the task of the mobile device and different resources and authentication security mechanisms on the edge server, so that the required security level and resource optimization are obtained in a self-adaptive manner. Task execution efficiency and security level are contradictory, and achieving a trade-off between these two conflicting terms is a very meaningful and critical issue.
Thus, a digital signature is needed to sign and verify the data to be transmitted to confirm integrity and to record the source of the save or repudiation. It is an indispensable part of network communication and can be used for dealing with the threat of an attacker running malicious commands, codes and patches by using a device. Computational offloading may involve migration of large packets. Due to the mobility of the device and the instability of the network, the data packet loss or disorder is very likely to occur, so that the verification fails and the flexibility of the edge environment is not met. Merkle tree signatures can be well applied to edge computation scenarios where security depends only on the presence of a secure hash function. The safety of the hash function depends on the length of the hash function in brute force attack, and compared with the traditional digital signature scheme (DSA) and RSA, the Merkle tree signature is an alternative signature scheme for resisting a quantum computer.
Through the above analysis, the problems and defects of the prior art are as follows:
(1) the prior art has high safety and much extra consumption, and has necessary software and equipment cost, computing capacity, time delay and energy consumption in the safe implementation process.
(2) The signature abstract attached to the original data makes a transmission packet large and occupies idle bandwidth resources.
(3) Task execution efficiency and security level are contradictory, and achieving a trade-off between these two conflicting requirements is a very meaningful and critical issue.
The difficulty in solving the above problems and defects is: under the conditions of dynamic and heterogeneous edge computing networks and limited computing communication resources, the authentication security level is difficult to measure, different authentication algorithms can possibly result in completely different authentication security protection strengths for different enemies in different scenes, and the task of adaptively selecting edge servers with different authentication security strengths according to the current resource status of equipment and users to unload is a difficult point.
The significance of solving the problems and the defects is as follows: the equipment and the user can adaptively select edge servers with different authentication security strengths to unload tasks according to the current resource status, and achieve the effects of time delay, energy consumption and security joint optimization through communication, calculation and secure resource allocation. The energy consumption of the edge server can be saved, and the service efficiency is improved.
Disclosure of Invention
Aiming at the problems in the prior art, the invention provides an authentication security level and resource optimization method for computing offloading in an edge computing network.
The invention is realized by an authentication security level and resource optimization method for computing offload in an edge computing network, which comprises the following steps:
initializing the edge calculation frequency and the number of data blocks of a Merkle signature tree, and setting the maximum iteration number and the maximum iteration precision; according to the edge calculation frequency and the data block number, obtaining an unloading indication and a transmission rate; obtaining an edge calculation frequency according to the unloading indication, the transmission rate and the data block quantity; calculating frequency according to the unloading indication, the transmission rate and the edge to obtain the number of data blocks; obtaining a target value according to the unloading indication, the transmission rate, the edge calculation frequency and the data block number; and determining whether to circulate according to the maximum iteration number and the target value precision to obtain the optimal unloading indication, the transmission rate, the edge calculation frequency and the data block quantity.
Further, the authentication security level and resource optimization method for computing offload in the edge computing network includes the following steps:
step one, initializing Lagrangian dual variables mu (0), beta (0), v (0),
Figure BDA0003192941880000031
Maximum number of iterations tmaxAnd an accuracy oa;
step two, making t equal to 0;
step three, when t is less than or equal to tmaxAccording to Lagrangian dual variables μ (t), β (t), v (t),
Figure BDA0003192941880000032
Respectively obtaining an unloading indication x (t) and a packet transmission rate r (t) of unloading tasks and data, and obtaining new Lagrangian dual variables mu (t +1), beta (t +1), v (t +1) and the like according to the unloading indication x (t) and the transmission rate r (t),
Figure BDA0003192941880000033
Step four, if the two-norm of the dual variable is smaller than the precision oa, an optimal unloading indication x is derived*And a transmission rate r*(ii) a Otherwise, updating t to t +1, and re-executing the step three;
step five, setting the minimum value N of the data block quantity intervall(0) And maximum value Nr(0) So that the optimum number of data blocks N*Satisfy Nl(0)≤N*≤Nr(0);
Step six, making l equal to 0, and setting the maximum iteration number lmax
Step seven, calculating Nm(l)=(Nl(l)+Nr(l) 2, if N | |)r(l)-Nl(l) | | > 1, according to Nm(l) Obtain the function value F' (N)m(l) ); if F' (N)m(l) Is greater than or equal to 0) and makes Nl(l+1)=Nl(l),Nr(l+1)=Nm(l) (ii) a Otherwise, Nl(l+1)=Nm(l),Nr(l+1)=Nr(l) (ii) a Otherwise, the optimal number of data blocks N*=Round(Nm(l));
Step eight, if l is less than or equal to lmaxIf yes, updating l to l +1, and executing the step seven again;
step nine, initializing the edge calculation frequency f (0) and the data block quantity N (0) of the Merkle signature tree, and setting the maximum iteration number mmaxAnd the precision η;
step ten, making m equal to 1;
step eleven, according to the edge calculation frequency f (0) and the data block number N (0), executing step four to obtain an unloading indication x (0) and a transmission rate r (0);
step twelve, according to the unloading indication x (0), the transmission rate r (0), the edge calculation frequency f (0) and the data block number N (0), obtaining G (0);
thirteen step, when m is less than or equal to mmaxObtaining an edge calculation frequency f (m) according to the unloading indication x (m-1), the transmission rate r (m-1) and the data block number N (m-1), executing a step seven according to the unloading indication x (m-1), the transmission rate r (m-1) and the edge calculation frequency f (m-1) to obtain the data block number N (m)) (ii) a According to the edge calculation frequency f (m) and the data block quantity N (m), executing the step four to obtain an unloading indication x (m) and a transmission rate r (m); obtaining G (m) according to the unloading indication x (m), the transmission rate r (m), the edge calculation frequency f (m) and the data block number N (m);
step fourteen, if | | G (m) -G (m-1) | | is less than or equal to η, obtaining the optimal unloading indication, transmission rate, edge calculation frequency and data block number; otherwise, updating m to m +1, and executing step thirteen again.
Further, in step three, the update of the dual variable is represented as follows:
Figure BDA0003192941880000041
Figure BDA0003192941880000042
Figure BDA0003192941880000043
Figure BDA0003192941880000051
wherein the content of the first and second substances,
Figure BDA0003192941880000052
Figure BDA0003192941880000053
Figure BDA0003192941880000054
Figure BDA0003192941880000055
t is the index of the iteration, m (t), n (t), j (t), and o (t) are all very small non-negative steps, and
Figure BDA0003192941880000056
further, in step four, the two norms of the dual variables are expressed as follows:
||μ(t+1)-μ(t)||<ò,
||β(t+1)-β(t)||<ò,
||v(t+1)-v(t)||<ò,
Figure BDA0003192941880000057
the solved equations for the transmission rate r (t) and the unload indicator x (t) are:
Figure BDA0003192941880000058
Figure BDA0003192941880000059
wherein the content of the first and second substances,
Figure BDA0003192941880000061
Figure BDA0003192941880000062
further, in step seven, the function is expressed as follows:
Figure BDA0003192941880000063
further, in step thirteen, the edge calculation frequency calculation formula is as follows:
Figure BDA0003192941880000064
further, in step twelve and step thirteen, the G is calculated as follows:
Figure BDA0003192941880000065
wherein, Ti,kFor time delay, Li,kIn order to authenticate the level of security,
Figure BDA0003192941880000066
and
Figure BDA0003192941880000067
is a weight coefficient.
Another object of the present invention is to provide an authentication security level and resource optimization system for computation offload in an edge computing network, which applies the authentication security level and resource optimization method for computation offload in an edge computing network, wherein the authentication security level and resource optimization system for computation offload in an edge computing network comprises:
the initialization module is used for initializing the edge calculation frequency and the data block quantity of the Merkle signature tree and setting the maximum iteration number and the maximum iteration precision;
the unloading indication acquisition module is used for obtaining unloading indication and transmission rate according to the edge calculation frequency and the data block number;
the edge calculation frequency acquisition module is used for obtaining edge calculation frequency according to the unloading indication, the transmission rate and the number of the data blocks;
the data block quantity obtaining module is used for obtaining the data block quantity according to the unloading indication, the transmission rate and the edge calculation frequency;
the target value acquisition module is used for obtaining a target value according to the unloading indication, the transmission rate, the edge calculation frequency and the data block number;
and the loop judgment module is used for determining whether to loop according to the maximum iteration number and the target value precision to obtain the optimal unloading indication, the transmission rate, the edge calculation frequency and the data block quantity.
It is a further object of the invention to provide a computer device comprising a memory and a processor, the memory storing a computer program which, when executed by the processor, causes the processor to perform the steps of:
initializing the edge calculation frequency and the number of data blocks of a Merkle signature tree, and setting the maximum iteration number and the maximum iteration precision; according to the edge calculation frequency and the data block number, obtaining an unloading indication and a transmission rate; obtaining an edge calculation frequency according to the unloading indication, the transmission rate and the data block quantity; calculating frequency according to the unloading indication, the transmission rate and the edge to obtain the number of data blocks; obtaining a target value according to the unloading indication, the transmission rate, the edge calculation frequency and the data block quantity; and determining whether to circulate according to the maximum iteration number and the target value precision to obtain the optimal unloading indication, the transmission rate, the edge calculation frequency and the data block quantity.
Another object of the present invention is to provide an information data processing terminal, which is used for implementing the authentication security level and resource optimization system for computation offload in the edge computing network.
By combining all the technical schemes, the invention has the advantages and positive effects that: the invention provides an authentication security level and resource optimization method for calculating unloading in an edge computing network, which particularly relates to the joint optimization of unloading indication, packet transmission rate, edge computing frequency and Merkle tree signature data block number and the selection of an unloading edge server, and sets the maximum iteration number and the maximum iteration precision by initializing the edge computing frequency and the Merkle tree signature data block number; calculating the frequency and the data block number according to the edge to obtain an unloading indication and a transmission rate; obtaining an edge calculation frequency according to the unloading indication, the transmission rate and the number of the data blocks; calculating frequency according to the unloading indication, the transmission rate and the edge to obtain the number of data blocks; obtaining a target value according to the unloading indication, the transmission rate, the edge calculation frequency and the data block quantity; determining whether to circulate according to the maximum iteration number and the target value precision; the method comprises the steps of obtaining an optimal unloading indication, a transmission rate, an edge calculation frequency and a data block number, jointly optimizing the unloading indication to make an unloading decision, packet transmission rate to correctly utilize transmission resources, edge calculation frequency to save energy consumption, and the data block number of Merkle tree signatures to influence an authentication security level, and realizing balance between time delay of task unloading to an edge server and the authentication security level.
The invention takes the authentication security level of the maximized Merkle tree signature as a part of the optimization target, and takes the lowest allowable authentication security level as one of the constraints. The scheme provided by the invention combines the transmission capability of the mobile equipment, the computing capability of the edge server and different deployed hash algorithms to make a computation offloading decision. The invention sets a minimum optimization problem to jointly optimize the selected index, the packet transmission rate, the edge calculation frequency and the data block number to obtain an optimal target value, and the target value can balance time delay and authentication security level at the same time and is used for calculation unloading of an edge calculation system.
Simulation results show that the algorithm provided by the invention has good convergence and effectiveness. Meanwhile, compared with other schemes, the algorithm provided by the invention has remarkable performance advantages, and indeed provides the balance between the time delay of computation uninstallation and the authentication security level in the edge computing network.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required to be used in the embodiments of the present invention will be briefly described below, and it is obvious that the drawings described below are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a flowchart of an authentication security level and resource optimization method for computing offload in an edge computing network according to an embodiment of the present invention.
Fig. 2 is a schematic diagram of an authentication security level and resource optimization method for computing offload in an edge computing network according to an embodiment of the present invention.
FIG. 3 is a block diagram of an authentication security level and resource optimization system for computing offload in an edge computing network according to an embodiment of the present invention;
in the figure: 1. initializing a module; 2. an unloading indication obtaining module; 3. an edge calculation frequency acquisition module; 4. a data block quantity acquisition module; 5. a target value acquisition module; 6. and a circulation judgment module.
Fig. 4 is a flowchart of obtaining an optimal offload indication and transfer rate according to an embodiment of the present invention.
Fig. 5 is a flowchart for obtaining an optimal number of data blocks according to an embodiment of the present invention.
Fig. 6 is a scene diagram of an application of the method provided by the embodiment of the present invention.
FIG. 7 is a schematic diagram of a Merkle tree signature method applied in the method provided by the embodiment of the invention.
Fig. 8 is a schematic diagram of a signature mechanism for gradually selecting a signature with higher security when the verification provided by the embodiment of the present invention respectively takes time delay and security as optimization targets.
FIG. 9 shows different weighting parameters provided by an embodiment of the present invention
Figure BDA0003192941880000091
And a graph illustrating the effect of the total computing power F on the target value.
Fig. 10 is a schematic diagram of target values under different numbers of mobile devices I and edge servers K according to an embodiment of the present invention.
Fig. 11 is a schematic diagram of objective values under different total calculation capabilities F provided by the embodiment of the invention.
FIG. 12 illustrates different scaling factors provided by embodiments of the present invention
Figure BDA0003192941880000092
And respectively representing the influence on the time delay, the authentication security level and the target value.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail with reference to the following embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and do not limit the invention.
In view of the problems in the prior art, the present invention provides an authentication security level and resource optimization method for computation offload in an edge computing network, which is described in detail below with reference to the accompanying drawings.
As shown in fig. 1, the authentication security level and resource optimization method for computing offload in an edge computing network according to an embodiment of the present invention includes the following steps:
s101, initializing edge calculation frequency and data block quantity of a Merkle signature tree, and setting maximum iteration number and accuracy;
s102, obtaining an unloading indication and a transmission rate according to the edge calculation frequency and the data block number;
s103, obtaining edge calculation frequency according to the unloading indication, the transmission rate and the number of the data blocks;
s104, calculating frequency according to the unloading indication, the transmission rate and the edge to obtain the number of data blocks;
s105, obtaining a target value according to the unloading indication, the transmission rate, the edge calculation frequency and the data block number;
and S106, determining whether to circulate according to the maximum iteration number and the target value precision, and obtaining the optimal unloading indication, the transmission rate, the edge calculation frequency and the data block quantity.
The principle of the authentication security level and resource optimization method for computing offload in an edge computing network according to the embodiment of the present invention is shown in fig. 2.
As shown in fig. 3, the authentication security level and resource optimization system for computing offload in an edge computing network according to an embodiment of the present invention includes:
the initialization module 1 is used for initializing the edge calculation frequency and the data block quantity of the Merkle signature tree, and setting the maximum iteration number and the maximum iteration precision;
the unloading indication acquisition module 2 is used for obtaining an unloading indication and a transmission rate according to the edge calculation frequency and the data block number;
an edge calculation frequency obtaining module 3, configured to obtain an edge calculation frequency according to the offload indication, the transmission rate, and the number of data blocks;
a data block quantity obtaining module 4, configured to obtain a data block quantity according to the offload indication, the transmission rate, and the edge calculation frequency;
a target value obtaining module 5, configured to obtain a target value according to the offload indication, the transmission rate, the edge calculation frequency, and the number of data blocks;
and the loop judgment module 6 is used for determining whether to loop according to the maximum iteration number and the target value precision to obtain the optimal unloading indication, the transmission rate, the edge calculation frequency and the data block quantity.
The technical solution of the present invention is further described with reference to the following specific examples.
As shown in fig. 2, a general flow of the authentication security level and resource optimization method for computing offload in an edge computing network according to an embodiment of the present invention includes the following steps:
step 1: initializing an edge calculation frequency f (0) and the number of data blocks N (0) of a Merkle signature tree, and setting a maximum iteration number mmaxAnd the precision η;
step 2: let m equal to 1;
step 3: according to the edge calculation frequency f (0) and the data block number N (0), executing the graph 4 to obtain an unloading indication x (0) and a transmission rate r (0);
step 4: obtaining G (0) according to the unloading indication x (0), the transmission rate r (0), the edge calculation frequency f (0) and the data block number N (0);
step 5: when m is less than or equal to mmaxObtaining an edge calculation frequency f (m) according to the unloading indication x (m-1), the transmission rate r (m-1) and the data block number N (m-1), executing the graph 5 to obtain the data block number N (m) according to the unloading indication x (m-1), the transmission rate r (m-1) and the edge calculation frequency f (m-1), and executing the graph 4 to obtain the unloading indication x (m) and the transmission rate r (m) according to the edge calculation frequency f (m) and the data block number N (m); obtaining G (m) according to the unloading indication x (m), the transmission rate r (m), the edge calculation frequency f (m) and the data block number N (m);
step 6: if G (m) -G (m-1) is less than or equal to eta, obtaining the optimal unloading indication, transmission rate, edge calculation frequency and data block number; otherwise, update m to m +1 and execute Step 5 again.
As shown in fig. 4, the flow of acquiring an offload indication and a transmission rate by the authentication security level and resource optimization method for computing offload in an edge computing network according to the embodiment of the present invention includes the following steps:
step 1: initializing Lagrangian dual variables μ (0), β (0), v (0),
Figure BDA0003192941880000111
Maximum number of iterations tmaxAnd an accuracy oa;
step 2: let t equal to 0;
step 3: when t is less than or equal to tmaxAccording to Lagrangian dual variables μ (t), β (t), v (t),
Figure BDA0003192941880000112
Respectively obtaining an unloading indication x (t) and a packet transmission rate r (t) of unloading tasks and data, and obtaining new Lagrangian dual variables mu (t +1), beta (t +1), v (t +1) and the like according to the unloading indication x (t) and the transmission rate r (t),
Figure BDA0003192941880000113
Step 4: if the two-norm of the dual variable is smaller than the precision oa, an optimum removal indication x is derived*And a transmission rate r*(ii) a Otherwise, update t to t +1 and execute Step 3 again.
As shown in fig. 5, the process of acquiring the number of data blocks signed by the Merkle tree by the authentication security level and resource optimization method for computing offload in the edge computing network according to the embodiment of the present invention includes the following steps:
step 1: setting minimum value N of data block number intervall(0) And maximum value Nr(0) So that the optimum number of data blocks N*Satisfies Nl(0)≤N*≤Nr(0);
Step 2: let l equal to 0, set the maximum number of iterations lmax
Step 3: calculating Nm(l)=(Nl(l)+Nr(l) B/2 if Nr(l)-Nl(l) | | > 1, according to Nm(l) Obtain the function value F' (N)m(l) ); if F' (N)m(l) Is greater than or equal to 0) and makes Nl(l+1)=Nl(l),Nr(l+1)=Nm(l) (ii) a Otherwise, Nl(l+1)=Nm(l),Nr(l+1)=Nr(l) (ii) a Otherwise, the optimal number of data blocks N*=Round(Nm(l));
Step 4: if l is less than or equal to lmaxIf l +1 is updated, Step 3 is executed again.
Fig. 6 is a scenario diagram of the application of the method of the present invention, where a number of mobile devices with limited capabilities are surrounded by edge computing servers, which have relatively abundant resources and capabilities. Thus, computationally intensive and resource consuming tasks such as deep neural network inference applications, virtual reality games, etc. can be offloaded to edge servers to assist in execution. According to the difference of computing power and security authentication level provided by the peripheral edge server, the heterogeneous mobile device can select an edge server which simultaneously considers both delay and authentication security level, and share respective tasks under the constraint of energy consumption.
For dynamic and complex wireless network environments such as edge computing networks, the present invention utilizes the ALPHA-M mechanism of fig. 7 to validate data packets to ensure their correct and complete delivery. To validate data block m independently of other data blocks in a mobile devicejEdge server needs root node hroot,mjAnd from leaf H (m)j) All siblings of the path node to the root of the tree. The edge server reconstructs the slave leaf H (m) from the required hash signature according to the different hash algorithms deployed on itj) The path to the tree root is calculated
Figure BDA0003192941880000121
Root of tree only when calculating
Figure BDA0003192941880000122
And has already beenRoot of Manchurian wildrye, rhizoma anemarrhenaerootThe data block can pass the verification only when there is a match. In particular, to verify a data block m5The transmitted data packet adds the required hash signature Sig ═ h100,h11,h0,hrootThis is a complementary set of branches. Edge server computation data block m5Hash value h of101=H(m5) Then continuously calculating the hash value h10=H(h100||h101),h1=H(h10||h11) And
Figure BDA0003192941880000123
to generate
Figure BDA0003192941880000124
The Merkle tree is iteratively reconstructed. If the equation is
Figure BDA0003192941880000125
If true, then message m5Passes verification and is successfully received.
The technical effects of the present invention will be described in detail with reference to simulation experiments.
In order to verify the effectiveness of selecting different hash algorithms in the edge server by the uninstalling indication, the invention is provided with the following steps: (1) a Random Variable (RVPO) of the optimization scheme is proposed, and other variables are randomly selected with the original combined latency and authentication security level as optimization objectives. (2) The Fixed Variable (FVPO) that proposes the optimization scheme fixes the other variables, using the original optimization objective. (3) And (3) fixing a Fixed Variable (FVTO) of the time optimization scheme, fixing other variables and only taking time delay as an optimization target. (4) The Fixed Variable (FVSO) of the security optimization scheme, the other variables are fixed, with only the authentication security level as the optimization objective. As can be seen from fig. 8, the RVPO and the FVPO consistently select edge servers of different digest output lengths in the hashing mechanism. FVTO is more inclined to select edge servers with shorter hash output lengths, and FVSO is inclined to select edge servers with longer hash output lengths. The hash output length indicates the security of the authentication algorithm, which means that the FVTO will select the edge server with the shorter hash output length when the optimization goal is to reduce latency. When the authentication security level needs to be improved, the FVSO selects an edge server with a longer hash output length. The present invention combines these two goals, balancing time delay and authentication security level.
As can be seen from fig. 9, the larger the total calculation capability F, the smaller the target value. This will significantly reduce the time delay and target value, since more resources can be allocated to task execution as the maximum allowed computational resources increase. Current weight parameter
Figure BDA0003192941880000131
As the target value becomes larger, the ratio of the time delay to the target value becomes more prominent, thereby increasing the target value.
The invention also optimizes partial variables and randomly selects the rest variables to highlight the advantages of the proposal. The experiment set up the following protocol:
FSOR: and randomly selecting an unloading indication, and optimizing the packet transmission rate, the edge calculation frequency and the data block number.
FTOR: the scheme randomly selects a packet transmission rate, optimizes an unloading indication, an edge calculation frequency and a data block number.
FCOR: and randomly selecting an edge calculation frequency, and optimizing an unloading indication, a packet transmission rate and the number of data blocks.
FBOR: and randomly selecting the number of data blocks, and optimizing the unloading indication, the packet transmission rate and the edge calculation frequency.
FIG. 10 is a comparison of target values for different mobile devices and numbers of edge servers. It can be seen that the target value increases as the number of devices increases. The more edge servers that can be selected for the same number of devices, the lower the target value. This is because as the number of servers increases, more resource allocations can be provided. These schemes can optimize and select the optimal server. It is important to optimize the transmission rate of the data packets and the frequency of edge calculation, which has a large influence on the target value. The optimization of the number of data blocks is only a minor advantage, which can be understood by adding a small amount of signature data to the data packet and logarithmic calculation of the authentication security level.
Fig. 11 examines the target values of the comparison scheme at different total calculation powers F. As in the sense shown in fig. 9, when more computing resources are available, the delay of the edge server to perform the task is reduced, and therefore the target value is reduced accordingly. As can be seen from fig. 10, the optimization results for FTOR and FCOR are weaker, as can also be seen here. The scheme obtains a more remarkable target value optimization result by distributing the packet transmission rate and the edge calculation frequency. This is also related to the scaling factor
Figure BDA0003192941880000141
Is relevant. The invention will authenticate the security level
Figure BDA0003192941880000142
Set to a very small value to bring the target value to a suitable expression range. However, the proposed solution still has advantages over other solutions.
FIG. 12 shows different scaling factors, respectively
Figure BDA0003192941880000143
Impact on latency, authentication security level, and target value. As the scale factor increases, the proportion of the authentication security level in the target value gradually increases. It can be seen that the value of the authentication security level gradually increases, decreasing the target value. It is clear that,
Figure BDA0003192941880000144
the impact on the delay is small. The invention can well balance time delay and authentication security level, and minimize the target value.
In the above embodiments, all or part of the implementation may be realized by software, hardware, firmware, or any combination thereof. When used in whole or in part, is implemented in a computer program product that includes one or more computer instructions. When loaded or executed on a computer, cause the flow or functions according to embodiments of the invention to occur, in whole or in part. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable device. The computer instructions may be stored in a computer readable storage medium or transmitted from one computer readable storage medium to another computer readable storage medium, for example, the computer instructions may be transmitted from one website, computer, server, or data center to another website, computer, server, or data center via wire (e.g., coaxial cable, fiber optic, Digital Subscriber Line (DSL), or wireless (e.g., infrared, wireless, microwave, etc.)). The computer-readable storage medium can be any available medium that can be accessed by a computer or a data storage device, such as a server, a data center, etc., that includes one or more of the available media. The usable medium may be a magnetic medium (e.g., floppy Disk, hard Disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., Solid State Disk (SSD)), among others.
The above description is only for the purpose of illustrating the present invention and the appended claims are not to be construed as limiting the scope of the invention, which is intended to cover all modifications, equivalents and improvements that are within the spirit and scope of the invention as defined by the appended claims.

Claims (8)

1. An authentication security level and resource optimization method for computation offload in an edge computing network, the authentication security level and resource optimization method for computation offload in the edge computing network comprising: initializing the edge calculation frequency and the number of data blocks of a Merkle signature tree, and setting the maximum iteration number and the maximum iteration precision; according to the edge calculation frequency and the data block number, obtaining an unloading indication and a transmission rate; obtaining an edge calculation frequency according to the unloading indication, the transmission rate and the number of the data blocks; calculating frequency according to the unloading indication, the transmission rate and the edge to obtain the number of data blocks; obtaining a target value according to the unloading indication, the transmission rate, the edge calculation frequency and the data block quantity; determining whether to circulate according to the maximum iteration number and the target value precision to obtain the optimal unloading indication, the transmission rate, the edge calculation frequency and the data block quantity;
the authentication security level and resource optimization method for computing offload in the edge computing network comprises the following steps:
step one, initializing Lagrangian dual variables mu (0), beta (0), v (0),
Figure FDA0003662711820000011
Maximum number of iterations tmaxAnd the precision belongs to;
step two, making t equal to 0; t is the iteration index in the algorithm loop;
step three, when t is less than or equal to tmaxAccording to Lagrangian dual variables μ (t), β (t), v (t),
Figure FDA0003662711820000012
Respectively obtaining an unloading indication x (t) and a packet transmission rate r (t) of unloading tasks and data, and obtaining new Lagrangian dual variables mu (t +1), beta (t +1), v (t +1) and the like according to the unloading indication x (t) and the transmission rate r (t),
Figure FDA0003662711820000013
Step four, if the two norms of the dual variable are less than the accuracy epsilon, obtaining the optimal unloading indication x*And a transmission rate r*(ii) a Otherwise, updating t to t +1, and executing the step three again;
step five, setting the minimum value N of the data block quantity intervall(0) And maximum value Nr(0) So that the optimum number of data blocks N*Satisfy Nl(0)≤N*≤Nr(0);
Step six, setting l to be 0, and setting the maximum iteration number lmax(ii) a l is the iteration index in the algorithm loop;
step seven, calculating Nz(l)=(Nl(l)+Nr(l) 2, if N | |)r(l)-Nl(l)||≥1,Nz(l) Means intermediate values of the interval of the number of data blocks, according to Nz(l) Obtain the function value F' (N)m(l))(ii) a If F' (N)m(l) Is greater than or equal to 0) and makes Nl(l+1)=Nl(l),Nr(l+1)=Nm(l) (ii) a Otherwise, Nl(l+1)=Nm(l),Nr(l+1)=Nr(l) (ii) a Otherwise, the optimal number of data blocks N*=Round(Nm(l));F'(Nm(l) A derivative function that is an objective function; round (·) is a computational representation that rounds data;
step eight, if l is less than or equal to lmaxIf yes, updating l to l +1, and executing the step seven again;
step nine, initializing the edge calculation frequency f (0) and the data block quantity N (0) of the Merkle signature tree, and setting the maximum iteration number mmaxAnd an accuracy η;
step ten, making m equal to 1; m is an iteration index in the algorithm loop;
step eleven, calculating frequency f (0) and data block quantity N (0) according to the edge, and executing step four to obtain unloading indication x (0) and transmission rate r (0);
step twelve, according to the unloading indication x (0), the transmission rate r (0), the edge calculation frequency f (0) and the data block number N (0), obtaining G (0); when G (0) is m is 0, optimizing the target initial value;
thirteen, when m is less than or equal to mmaxObtaining an edge calculation frequency f (m) according to the unloading indication x (m-1), the transmission rate r (m-1) and the data block number N (m-1), and executing a seventh step according to the unloading indication x (m-1), the transmission rate r (m-1) and the edge calculation frequency f (m-1) to obtain the data block number N (m); according to the edge calculation frequency f (m) and the data block quantity N (m), executing the fourth step to obtain an unloading indication x (m) and a transmission rate r (m); obtaining G (m) according to the unloading indication x (m), the transmission rate r (m), the edge calculation frequency f (m) and the data block number N (m); g (m) is an optimized target value of the mth iteration;
fourteen steps, if | | G (m) -G (m-1) | | is less than or equal to eta, obtaining the optimal unloading indication, transmission rate, edge calculation frequency and data block quantity; otherwise, updating m to m +1, and executing the step thirteen again;
in step three, the update of the dual variable is expressed as follows:
Figure FDA0003662711820000021
Figure FDA0003662711820000022
Figure FDA0003662711820000023
Figure FDA0003662711820000024
[·]+indicating that if the value is greater than 0, the original value is taken, if the value is less than 0, zero is taken, wherein,
Figure FDA0003662711820000031
Figure FDA0003662711820000032
Figure FDA0003662711820000033
Figure FDA0003662711820000034
t is the subscript of the iteration, m (t), n (t), j (t), and o (t) are all very small, non-negative steps, and
Figure FDA0003662711820000035
σ2in order to be able to measure the power of the noise,
Figure FDA0003662711820000036
and
Figure FDA0003662711820000037
for optimal replacement variables and optimal offloading decisions, NiAs a number of data blocks, SiIs the size of the original data volume, SkFor the output lengths of the different hash algorithms,
Figure FDA0003662711820000038
Figure FDA0003662711820000039
f and UkI, maximum transmission energy consumption, minimum required security level, edge server computing power and number of serving mobile devices, respectively.
2. The method for authentication security level and resource optimization for computing offload in an edge computing network of claim 1, wherein in step four, the dual norm of the dual variable is expressed as follows:
||μ(t+1)-μ(t)||<∈,
||β(t+1)-β(t)||<∈,
||v(t+1)-v(t)||<∈,
Figure FDA00036627118200000310
the solved equations for the transmission rate r (t) and the unload indicator x (t) are:
Figure FDA00036627118200000311
Figure FDA00036627118200000312
b is the total bandwidth, gi,kIs the channel gain between i and k, where,
Figure FDA0003662711820000041
Figure FDA0003662711820000042
Figure FDA0003662711820000043
and
Figure FDA0003662711820000044
w (-) represents Lambertian transcendence function, ρ, for the weight coefficients of delay and security levelkqkThe average CPU cycle of the processing performed to authenticate the signature,
Figure FDA0003662711820000045
3. the method for authentication security level and resource optimization for computational offloading in an edge computing network as recited in claim 2, wherein in step seven, the function is represented as follows:
Figure FDA0003662711820000046
4. the method for computing offloaded authentication security level and resource optimization in an edge computing network according to claim 3, wherein in step thirteen, the edge computing frequency calculation formula is as follows:
Figure FDA0003662711820000047
5. the method for authentication security level and resource optimization for computational offloading in an edge computing network as recited in claim 4, wherein in step twelve and step thirteen, the G is computed as follows:
Figure FDA0003662711820000048
wherein, Ti,kIn order to be a time delay,
Figure FDA0003662711820000049
in order to authenticate the level of security,
Figure FDA00036627118200000410
and
Figure FDA00036627118200000411
are the weight coefficients.
6. An authentication security level and resource optimization system for computation offload in an edge computing network implementing the authentication security level and resource optimization method for computation offload in an edge computing network according to any of claims 1 to 5, wherein the authentication security level and resource optimization system for computation offload in an edge computing network comprises:
the initialization module is used for initializing the edge calculation frequency and the data block quantity of the Merkle signature tree and setting the maximum iteration number and the maximum iteration precision;
the unloading indication acquisition module is used for obtaining unloading indication and transmission rate according to the edge calculation frequency and the data block number;
the edge calculation frequency acquisition module is used for obtaining edge calculation frequency according to the unloading indication, the transmission rate and the data block quantity;
the data block quantity acquisition module is used for calculating frequency according to the unloading indication, the transmission rate and the edge to obtain the quantity of the data blocks;
the target value acquisition module is used for obtaining a target value according to the unloading indication, the transmission rate, the edge calculation frequency and the data block quantity;
and the loop judgment module is used for determining whether to loop according to the maximum iteration number and the target value precision to obtain the optimal unloading indication, the transmission rate, the edge calculation frequency and the data block quantity.
7. A computer arrangement comprising a memory and a processor, the memory storing a computer program which, when executed by the processor, causes the processor to carry out the steps of the method for authentication security level and resource optimization for computational offloading in an edge computing network according to any of claims 1 to 5.
8. An information data processing terminal, characterized in that the information data processing terminal is configured to implement an authentication security level and resource optimization system for computation offload in an edge computing network according to claim 6.
CN202110883180.2A 2021-08-02 2021-08-02 Authentication security level and resource optimization method for computing unloading in edge computing network Active CN113795026B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110883180.2A CN113795026B (en) 2021-08-02 2021-08-02 Authentication security level and resource optimization method for computing unloading in edge computing network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110883180.2A CN113795026B (en) 2021-08-02 2021-08-02 Authentication security level and resource optimization method for computing unloading in edge computing network

Publications (2)

Publication Number Publication Date
CN113795026A CN113795026A (en) 2021-12-14
CN113795026B true CN113795026B (en) 2022-07-15

Family

ID=78877067

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110883180.2A Active CN113795026B (en) 2021-08-02 2021-08-02 Authentication security level and resource optimization method for computing unloading in edge computing network

Country Status (1)

Country Link
CN (1) CN113795026B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115086316B (en) * 2022-06-13 2023-03-14 西安电子科技大学 Safety and resource allocation method for computing offload in joint optimization vehicle edge network

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11146455B2 (en) * 2019-12-20 2021-10-12 Intel Corporation End-to-end quality of service in edge computing environments
CN111163143B (en) * 2019-12-21 2021-03-23 浙江大学 Low-delay task unloading method for mobile edge calculation
CN111556089A (en) * 2020-03-16 2020-08-18 西安电子科技大学 Resource joint optimization method based on enabling block chain mobile edge computing system
CN112148380B (en) * 2020-09-16 2022-04-12 鹏城实验室 Resource optimization method in mobile edge computing task unloading and electronic equipment
CN112512056B (en) * 2020-11-14 2022-10-18 北京工业大学 Multi-objective optimization calculation unloading method in mobile edge calculation network

Also Published As

Publication number Publication date
CN113795026A (en) 2021-12-14

Similar Documents

Publication Publication Date Title
CN111913723B (en) Cloud-edge-end cooperative unloading method and system based on assembly line
CN110096362B (en) Multitask unloading method based on edge server cooperation
US8676983B2 (en) Balancing the loads of servers in a server farm based on an angle between two vectors
CN111556089A (en) Resource joint optimization method based on enabling block chain mobile edge computing system
CN113747442B (en) IRS-assisted wireless communication transmission method, device, terminal and storage medium
CN113795026B (en) Authentication security level and resource optimization method for computing unloading in edge computing network
Li et al. Security and energy-aware collaborative task offloading in D2D communication
CN113255004A (en) Safe and efficient federal learning content caching method
CN116126130A (en) Task unloading method for trusted edge server selection and energy consumption optimization
CN114968404A (en) Distributed unloading method for computing task with position privacy protection
CN116669111A (en) Mobile edge computing task unloading method based on blockchain
CN114390519B (en) Wireless channel key generation method, device, equipment and storage medium
CN113490231B (en) Usability guarantee method and device for network slice
CN113032149B (en) Edge computing service placement and request distribution method and system based on evolution game
CN117176735A (en) Self-adaptive selection method and system for block chain consensus mechanism based on cloud edge
CN113709817B (en) Task unloading and resource scheduling method and device under multi-base-station multi-server scene
CN116367310A (en) Maximum gain oriented channel allocation method for mobile edge calculation
CN112288433B (en) Block chain consensus task processing system and method supporting edge-side cooperation
CN116089091A (en) Resource allocation and task unloading method based on edge calculation of Internet of things
CN112685163B (en) Calculation unloading method based on mobile edge calculation and mobile edge calculation server
CN112203309B (en) Joint task unloading and caching method based on server cooperation
Hosseinzadeh et al. Joint compression and offloading decisions for deep learning services in 3-tier edge systems
CN114520992A (en) Method for optimizing time delay performance of fog access network based on cluster process
Li et al. Adaptive Binary Whale Optimization Algorithm for Computation Offloading Optimization in Mobile Edge Computing
Li et al. Suitability-based edge server placement strategy in 5G ultra-dense networks

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 710071 Xi'an Electronic and Science University, 2 Taibai South Road, Shaanxi, Xi'an

Applicant after: XIDIAN University

Applicant after: Xi'an Lianrong Technology Co.,Ltd.

Address before: 710071 Xi'an Electronic and Science University, 2 Taibai South Road, Shaanxi, Xi'an

Applicant before: XIDIAN University

Applicant before: XI'AN XIDIAN LIANRONG TECHNOLOGY Co.,Ltd.

CB02 Change of applicant information
GR01 Patent grant
GR01 Patent grant