CN113795026B - Authentication security level and resource optimization method for computing unloading in edge computing network - Google Patents
Authentication security level and resource optimization method for computing unloading in edge computing network Download PDFInfo
- Publication number
- CN113795026B CN113795026B CN202110883180.2A CN202110883180A CN113795026B CN 113795026 B CN113795026 B CN 113795026B CN 202110883180 A CN202110883180 A CN 202110883180A CN 113795026 B CN113795026 B CN 113795026B
- Authority
- CN
- China
- Prior art keywords
- transmission rate
- edge
- data block
- calculation frequency
- security level
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/50—Allocation of resources, e.g. of the central processing unit [CPU]
- G06F9/5061—Partitioning or combining of resources
- G06F9/5072—Grid computing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/50—Allocation of resources, e.g. of the central processing unit [CPU]
- G06F9/5094—Allocation of resources, e.g. of the central processing unit [CPU] where the allocation takes into account power or heat criteria
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2209/00—Indexing scheme relating to G06F9/00
- G06F2209/50—Indexing scheme relating to G06F9/50
- G06F2209/502—Proximity
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2209/00—Indexing scheme relating to G06F9/00
- G06F2209/50—Indexing scheme relating to G06F9/50
- G06F2209/509—Offload
Abstract
The invention belongs to the technical field of communication, and discloses an authentication security level and resource optimization method for computing offloading in an edge computing network, which comprises the following steps: initializing the edge calculation frequency and the number of data blocks of a Merkle signature tree, and setting the maximum iteration number and the maximum iteration precision; according to the edge calculation frequency and the data block number, obtaining an unloading indication and a transmission rate; obtaining an edge calculation frequency according to the unloading indication, the transmission rate and the number of the data blocks; calculating frequency according to the unloading indication, the transmission rate and the edge to obtain the number of data blocks; obtaining a target value according to the unloading indication, the transmission rate, the edge calculation frequency and the data block number; and determining whether to circulate according to the maximum iteration number and the target value precision to obtain the optimal unloading indication, the transmission rate, the edge calculation frequency and the data block quantity. The algorithm proposed by the present invention has significant performance advantages over other schemes and indeed provides a trade-off between time delay of computation offload and authentication security level in edge computing networks.
Description
Technical Field
The invention belongs to the technical field of communication, and particularly relates to an authentication security level and resource optimization method for computing offloading in an edge computing network.
Background
Currently, as the fifth generation (5G) technology enters the final commercial stage, the academic and industrial community are concerned about the development of the next generation wireless cellular network (6G). With the rapid development of hardware infrastructure, intelligent algorithms and communication technologies, intelligent terminals are widely deployed near users. Emerging applications and services such as autopilot, telemedicine, and augmented/virtual reality have gradually penetrated the everyday lives of the present invention. They bring about a multiplied traffic load and stringent service requirements (e.g., high reliability and delay sensitivity). Mobile devices with limited power consumption and computing power are not sufficient to support these services and applications. Therefore, mobile edge computing systems must become an important component of future 6G evolution, where some of the urgent tasks can be performed on edge servers that are close to the user.
The edge server assists the terminal to execute the task and involves calculation unloading, and is one of key technologies of the edge calculation system. It allocates some or all of the tasks to the edge servers to reduce execution delay, improve service reliability, and reduce power consumption of the restricted mobile device. There are some computing offload problems that are urgently needed to be solved in edge computing systems. Global resources should be evaluated, allocated, and optimized simultaneously when selecting the appropriate edge server to make the offloading decision. Data security issues are also particularly acute and difficult for complex, dynamic and coupled edge computing systems. Especially edge servers, inevitably collect more security and privacy information due to their unique network architecture close to the devices and users.
In the prior art, security can be expensive, which means additional costs. The safe implementation process has the necessary software and equipment cost, and also has the computing capacity, time delay and energy consumption. The signature abstract attached to the original data makes a transmission packet large and occupies idle bandwidth resources. It is clearly more reasonable to deploy different signature algorithms on different edge servers than if each edge server were equipped with all signature algorithms. The mobile device and the user comprehensively make a shunting decision according to the characteristics of the task of the mobile device and different resources and authentication security mechanisms on the edge server, so that the required security level and resource optimization are obtained in a self-adaptive manner. Task execution efficiency and security level are contradictory, and achieving a trade-off between these two conflicting terms is a very meaningful and critical issue.
Thus, a digital signature is needed to sign and verify the data to be transmitted to confirm integrity and to record the source of the save or repudiation. It is an indispensable part of network communication and can be used for dealing with the threat of an attacker running malicious commands, codes and patches by using a device. Computational offloading may involve migration of large packets. Due to the mobility of the device and the instability of the network, the data packet loss or disorder is very likely to occur, so that the verification fails and the flexibility of the edge environment is not met. Merkle tree signatures can be well applied to edge computation scenarios where security depends only on the presence of a secure hash function. The safety of the hash function depends on the length of the hash function in brute force attack, and compared with the traditional digital signature scheme (DSA) and RSA, the Merkle tree signature is an alternative signature scheme for resisting a quantum computer.
Through the above analysis, the problems and defects of the prior art are as follows:
(1) the prior art has high safety and much extra consumption, and has necessary software and equipment cost, computing capacity, time delay and energy consumption in the safe implementation process.
(2) The signature abstract attached to the original data makes a transmission packet large and occupies idle bandwidth resources.
(3) Task execution efficiency and security level are contradictory, and achieving a trade-off between these two conflicting requirements is a very meaningful and critical issue.
The difficulty in solving the above problems and defects is: under the conditions of dynamic and heterogeneous edge computing networks and limited computing communication resources, the authentication security level is difficult to measure, different authentication algorithms can possibly result in completely different authentication security protection strengths for different enemies in different scenes, and the task of adaptively selecting edge servers with different authentication security strengths according to the current resource status of equipment and users to unload is a difficult point.
The significance of solving the problems and the defects is as follows: the equipment and the user can adaptively select edge servers with different authentication security strengths to unload tasks according to the current resource status, and achieve the effects of time delay, energy consumption and security joint optimization through communication, calculation and secure resource allocation. The energy consumption of the edge server can be saved, and the service efficiency is improved.
Disclosure of Invention
Aiming at the problems in the prior art, the invention provides an authentication security level and resource optimization method for computing offloading in an edge computing network.
The invention is realized by an authentication security level and resource optimization method for computing offload in an edge computing network, which comprises the following steps:
initializing the edge calculation frequency and the number of data blocks of a Merkle signature tree, and setting the maximum iteration number and the maximum iteration precision; according to the edge calculation frequency and the data block number, obtaining an unloading indication and a transmission rate; obtaining an edge calculation frequency according to the unloading indication, the transmission rate and the data block quantity; calculating frequency according to the unloading indication, the transmission rate and the edge to obtain the number of data blocks; obtaining a target value according to the unloading indication, the transmission rate, the edge calculation frequency and the data block number; and determining whether to circulate according to the maximum iteration number and the target value precision to obtain the optimal unloading indication, the transmission rate, the edge calculation frequency and the data block quantity.
Further, the authentication security level and resource optimization method for computing offload in the edge computing network includes the following steps:
step one, initializing Lagrangian dual variables mu (0), beta (0), v (0),Maximum number of iterations tmaxAnd an accuracy oa;
step two, making t equal to 0;
step three, when t is less than or equal to tmaxAccording to Lagrangian dual variables μ (t), β (t), v (t),Respectively obtaining an unloading indication x (t) and a packet transmission rate r (t) of unloading tasks and data, and obtaining new Lagrangian dual variables mu (t +1), beta (t +1), v (t +1) and the like according to the unloading indication x (t) and the transmission rate r (t),
Step four, if the two-norm of the dual variable is smaller than the precision oa, an optimal unloading indication x is derived*And a transmission rate r*(ii) a Otherwise, updating t to t +1, and re-executing the step three;
step five, setting the minimum value N of the data block quantity intervall(0) And maximum value Nr(0) So that the optimum number of data blocks N*Satisfy Nl(0)≤N*≤Nr(0);
Step six, making l equal to 0, and setting the maximum iteration number lmax;
Step seven, calculating Nm(l)=(Nl(l)+Nr(l) 2, if N | |)r(l)-Nl(l) | | > 1, according to Nm(l) Obtain the function value F' (N)m(l) ); if F' (N)m(l) Is greater than or equal to 0) and makes Nl(l+1)=Nl(l),Nr(l+1)=Nm(l) (ii) a Otherwise, Nl(l+1)=Nm(l),Nr(l+1)=Nr(l) (ii) a Otherwise, the optimal number of data blocks N*=Round(Nm(l));
Step eight, if l is less than or equal to lmaxIf yes, updating l to l +1, and executing the step seven again;
step nine, initializing the edge calculation frequency f (0) and the data block quantity N (0) of the Merkle signature tree, and setting the maximum iteration number mmaxAnd the precision η;
step ten, making m equal to 1;
step eleven, according to the edge calculation frequency f (0) and the data block number N (0), executing step four to obtain an unloading indication x (0) and a transmission rate r (0);
step twelve, according to the unloading indication x (0), the transmission rate r (0), the edge calculation frequency f (0) and the data block number N (0), obtaining G (0);
thirteen step, when m is less than or equal to mmaxObtaining an edge calculation frequency f (m) according to the unloading indication x (m-1), the transmission rate r (m-1) and the data block number N (m-1), executing a step seven according to the unloading indication x (m-1), the transmission rate r (m-1) and the edge calculation frequency f (m-1) to obtain the data block number N (m)) (ii) a According to the edge calculation frequency f (m) and the data block quantity N (m), executing the step four to obtain an unloading indication x (m) and a transmission rate r (m); obtaining G (m) according to the unloading indication x (m), the transmission rate r (m), the edge calculation frequency f (m) and the data block number N (m);
step fourteen, if | | G (m) -G (m-1) | | is less than or equal to η, obtaining the optimal unloading indication, transmission rate, edge calculation frequency and data block number; otherwise, updating m to m +1, and executing step thirteen again.
Further, in step three, the update of the dual variable is represented as follows:
wherein the content of the first and second substances,
t is the index of the iteration, m (t), n (t), j (t), and o (t) are all very small non-negative steps, and
further, in step four, the two norms of the dual variables are expressed as follows:
||μ(t+1)-μ(t)||<ò,
||β(t+1)-β(t)||<ò,
||v(t+1)-v(t)||<ò,
the solved equations for the transmission rate r (t) and the unload indicator x (t) are:
wherein the content of the first and second substances,
further, in step seven, the function is expressed as follows:
further, in step thirteen, the edge calculation frequency calculation formula is as follows:
further, in step twelve and step thirteen, the G is calculated as follows:
wherein, Ti,kFor time delay, Li,kIn order to authenticate the level of security,andis a weight coefficient.
Another object of the present invention is to provide an authentication security level and resource optimization system for computation offload in an edge computing network, which applies the authentication security level and resource optimization method for computation offload in an edge computing network, wherein the authentication security level and resource optimization system for computation offload in an edge computing network comprises:
the initialization module is used for initializing the edge calculation frequency and the data block quantity of the Merkle signature tree and setting the maximum iteration number and the maximum iteration precision;
the unloading indication acquisition module is used for obtaining unloading indication and transmission rate according to the edge calculation frequency and the data block number;
the edge calculation frequency acquisition module is used for obtaining edge calculation frequency according to the unloading indication, the transmission rate and the number of the data blocks;
the data block quantity obtaining module is used for obtaining the data block quantity according to the unloading indication, the transmission rate and the edge calculation frequency;
the target value acquisition module is used for obtaining a target value according to the unloading indication, the transmission rate, the edge calculation frequency and the data block number;
and the loop judgment module is used for determining whether to loop according to the maximum iteration number and the target value precision to obtain the optimal unloading indication, the transmission rate, the edge calculation frequency and the data block quantity.
It is a further object of the invention to provide a computer device comprising a memory and a processor, the memory storing a computer program which, when executed by the processor, causes the processor to perform the steps of:
initializing the edge calculation frequency and the number of data blocks of a Merkle signature tree, and setting the maximum iteration number and the maximum iteration precision; according to the edge calculation frequency and the data block number, obtaining an unloading indication and a transmission rate; obtaining an edge calculation frequency according to the unloading indication, the transmission rate and the data block quantity; calculating frequency according to the unloading indication, the transmission rate and the edge to obtain the number of data blocks; obtaining a target value according to the unloading indication, the transmission rate, the edge calculation frequency and the data block quantity; and determining whether to circulate according to the maximum iteration number and the target value precision to obtain the optimal unloading indication, the transmission rate, the edge calculation frequency and the data block quantity.
Another object of the present invention is to provide an information data processing terminal, which is used for implementing the authentication security level and resource optimization system for computation offload in the edge computing network.
By combining all the technical schemes, the invention has the advantages and positive effects that: the invention provides an authentication security level and resource optimization method for calculating unloading in an edge computing network, which particularly relates to the joint optimization of unloading indication, packet transmission rate, edge computing frequency and Merkle tree signature data block number and the selection of an unloading edge server, and sets the maximum iteration number and the maximum iteration precision by initializing the edge computing frequency and the Merkle tree signature data block number; calculating the frequency and the data block number according to the edge to obtain an unloading indication and a transmission rate; obtaining an edge calculation frequency according to the unloading indication, the transmission rate and the number of the data blocks; calculating frequency according to the unloading indication, the transmission rate and the edge to obtain the number of data blocks; obtaining a target value according to the unloading indication, the transmission rate, the edge calculation frequency and the data block quantity; determining whether to circulate according to the maximum iteration number and the target value precision; the method comprises the steps of obtaining an optimal unloading indication, a transmission rate, an edge calculation frequency and a data block number, jointly optimizing the unloading indication to make an unloading decision, packet transmission rate to correctly utilize transmission resources, edge calculation frequency to save energy consumption, and the data block number of Merkle tree signatures to influence an authentication security level, and realizing balance between time delay of task unloading to an edge server and the authentication security level.
The invention takes the authentication security level of the maximized Merkle tree signature as a part of the optimization target, and takes the lowest allowable authentication security level as one of the constraints. The scheme provided by the invention combines the transmission capability of the mobile equipment, the computing capability of the edge server and different deployed hash algorithms to make a computation offloading decision. The invention sets a minimum optimization problem to jointly optimize the selected index, the packet transmission rate, the edge calculation frequency and the data block number to obtain an optimal target value, and the target value can balance time delay and authentication security level at the same time and is used for calculation unloading of an edge calculation system.
Simulation results show that the algorithm provided by the invention has good convergence and effectiveness. Meanwhile, compared with other schemes, the algorithm provided by the invention has remarkable performance advantages, and indeed provides the balance between the time delay of computation uninstallation and the authentication security level in the edge computing network.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required to be used in the embodiments of the present invention will be briefly described below, and it is obvious that the drawings described below are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a flowchart of an authentication security level and resource optimization method for computing offload in an edge computing network according to an embodiment of the present invention.
Fig. 2 is a schematic diagram of an authentication security level and resource optimization method for computing offload in an edge computing network according to an embodiment of the present invention.
FIG. 3 is a block diagram of an authentication security level and resource optimization system for computing offload in an edge computing network according to an embodiment of the present invention;
in the figure: 1. initializing a module; 2. an unloading indication obtaining module; 3. an edge calculation frequency acquisition module; 4. a data block quantity acquisition module; 5. a target value acquisition module; 6. and a circulation judgment module.
Fig. 4 is a flowchart of obtaining an optimal offload indication and transfer rate according to an embodiment of the present invention.
Fig. 5 is a flowchart for obtaining an optimal number of data blocks according to an embodiment of the present invention.
Fig. 6 is a scene diagram of an application of the method provided by the embodiment of the present invention.
FIG. 7 is a schematic diagram of a Merkle tree signature method applied in the method provided by the embodiment of the invention.
Fig. 8 is a schematic diagram of a signature mechanism for gradually selecting a signature with higher security when the verification provided by the embodiment of the present invention respectively takes time delay and security as optimization targets.
FIG. 9 shows different weighting parameters provided by an embodiment of the present inventionAnd a graph illustrating the effect of the total computing power F on the target value.
Fig. 10 is a schematic diagram of target values under different numbers of mobile devices I and edge servers K according to an embodiment of the present invention.
Fig. 11 is a schematic diagram of objective values under different total calculation capabilities F provided by the embodiment of the invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail with reference to the following embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and do not limit the invention.
In view of the problems in the prior art, the present invention provides an authentication security level and resource optimization method for computation offload in an edge computing network, which is described in detail below with reference to the accompanying drawings.
As shown in fig. 1, the authentication security level and resource optimization method for computing offload in an edge computing network according to an embodiment of the present invention includes the following steps:
s101, initializing edge calculation frequency and data block quantity of a Merkle signature tree, and setting maximum iteration number and accuracy;
s102, obtaining an unloading indication and a transmission rate according to the edge calculation frequency and the data block number;
s103, obtaining edge calculation frequency according to the unloading indication, the transmission rate and the number of the data blocks;
s104, calculating frequency according to the unloading indication, the transmission rate and the edge to obtain the number of data blocks;
s105, obtaining a target value according to the unloading indication, the transmission rate, the edge calculation frequency and the data block number;
and S106, determining whether to circulate according to the maximum iteration number and the target value precision, and obtaining the optimal unloading indication, the transmission rate, the edge calculation frequency and the data block quantity.
The principle of the authentication security level and resource optimization method for computing offload in an edge computing network according to the embodiment of the present invention is shown in fig. 2.
As shown in fig. 3, the authentication security level and resource optimization system for computing offload in an edge computing network according to an embodiment of the present invention includes:
the initialization module 1 is used for initializing the edge calculation frequency and the data block quantity of the Merkle signature tree, and setting the maximum iteration number and the maximum iteration precision;
the unloading indication acquisition module 2 is used for obtaining an unloading indication and a transmission rate according to the edge calculation frequency and the data block number;
an edge calculation frequency obtaining module 3, configured to obtain an edge calculation frequency according to the offload indication, the transmission rate, and the number of data blocks;
a data block quantity obtaining module 4, configured to obtain a data block quantity according to the offload indication, the transmission rate, and the edge calculation frequency;
a target value obtaining module 5, configured to obtain a target value according to the offload indication, the transmission rate, the edge calculation frequency, and the number of data blocks;
and the loop judgment module 6 is used for determining whether to loop according to the maximum iteration number and the target value precision to obtain the optimal unloading indication, the transmission rate, the edge calculation frequency and the data block quantity.
The technical solution of the present invention is further described with reference to the following specific examples.
As shown in fig. 2, a general flow of the authentication security level and resource optimization method for computing offload in an edge computing network according to an embodiment of the present invention includes the following steps:
step 1: initializing an edge calculation frequency f (0) and the number of data blocks N (0) of a Merkle signature tree, and setting a maximum iteration number mmaxAnd the precision η;
step 2: let m equal to 1;
step 3: according to the edge calculation frequency f (0) and the data block number N (0), executing the graph 4 to obtain an unloading indication x (0) and a transmission rate r (0);
step 4: obtaining G (0) according to the unloading indication x (0), the transmission rate r (0), the edge calculation frequency f (0) and the data block number N (0);
step 5: when m is less than or equal to mmaxObtaining an edge calculation frequency f (m) according to the unloading indication x (m-1), the transmission rate r (m-1) and the data block number N (m-1), executing the graph 5 to obtain the data block number N (m) according to the unloading indication x (m-1), the transmission rate r (m-1) and the edge calculation frequency f (m-1), and executing the graph 4 to obtain the unloading indication x (m) and the transmission rate r (m) according to the edge calculation frequency f (m) and the data block number N (m); obtaining G (m) according to the unloading indication x (m), the transmission rate r (m), the edge calculation frequency f (m) and the data block number N (m);
step 6: if G (m) -G (m-1) is less than or equal to eta, obtaining the optimal unloading indication, transmission rate, edge calculation frequency and data block number; otherwise, update m to m +1 and execute Step 5 again.
As shown in fig. 4, the flow of acquiring an offload indication and a transmission rate by the authentication security level and resource optimization method for computing offload in an edge computing network according to the embodiment of the present invention includes the following steps:
step 1: initializing Lagrangian dual variables μ (0), β (0), v (0),Maximum number of iterations tmaxAnd an accuracy oa;
step 2: let t equal to 0;
step 3: when t is less than or equal to tmaxAccording to Lagrangian dual variables μ (t), β (t), v (t),Respectively obtaining an unloading indication x (t) and a packet transmission rate r (t) of unloading tasks and data, and obtaining new Lagrangian dual variables mu (t +1), beta (t +1), v (t +1) and the like according to the unloading indication x (t) and the transmission rate r (t),
Step 4: if the two-norm of the dual variable is smaller than the precision oa, an optimum removal indication x is derived*And a transmission rate r*(ii) a Otherwise, update t to t +1 and execute Step 3 again.
As shown in fig. 5, the process of acquiring the number of data blocks signed by the Merkle tree by the authentication security level and resource optimization method for computing offload in the edge computing network according to the embodiment of the present invention includes the following steps:
step 1: setting minimum value N of data block number intervall(0) And maximum value Nr(0) So that the optimum number of data blocks N*Satisfies Nl(0)≤N*≤Nr(0);
Step 2: let l equal to 0, set the maximum number of iterations lmax;
Step 3: calculating Nm(l)=(Nl(l)+Nr(l) B/2 if Nr(l)-Nl(l) | | > 1, according to Nm(l) Obtain the function value F' (N)m(l) ); if F' (N)m(l) Is greater than or equal to 0) and makes Nl(l+1)=Nl(l),Nr(l+1)=Nm(l) (ii) a Otherwise, Nl(l+1)=Nm(l),Nr(l+1)=Nr(l) (ii) a Otherwise, the optimal number of data blocks N*=Round(Nm(l));
Step 4: if l is less than or equal to lmaxIf l +1 is updated, Step 3 is executed again.
Fig. 6 is a scenario diagram of the application of the method of the present invention, where a number of mobile devices with limited capabilities are surrounded by edge computing servers, which have relatively abundant resources and capabilities. Thus, computationally intensive and resource consuming tasks such as deep neural network inference applications, virtual reality games, etc. can be offloaded to edge servers to assist in execution. According to the difference of computing power and security authentication level provided by the peripheral edge server, the heterogeneous mobile device can select an edge server which simultaneously considers both delay and authentication security level, and share respective tasks under the constraint of energy consumption.
For dynamic and complex wireless network environments such as edge computing networks, the present invention utilizes the ALPHA-M mechanism of fig. 7 to validate data packets to ensure their correct and complete delivery. To validate data block m independently of other data blocks in a mobile devicejEdge server needs root node hroot,mjAnd from leaf H (m)j) All siblings of the path node to the root of the tree. The edge server reconstructs the slave leaf H (m) from the required hash signature according to the different hash algorithms deployed on itj) The path to the tree root is calculatedRoot of tree only when calculatingAnd has already beenRoot of Manchurian wildrye, rhizoma anemarrhenaerootThe data block can pass the verification only when there is a match. In particular, to verify a data block m5The transmitted data packet adds the required hash signature Sig ═ h100,h11,h0,hrootThis is a complementary set of branches. Edge server computation data block m5Hash value h of101=H(m5) Then continuously calculating the hash value h10=H(h100||h101),h1=H(h10||h11) Andto generateThe Merkle tree is iteratively reconstructed. If the equation isIf true, then message m5Passes verification and is successfully received.
The technical effects of the present invention will be described in detail with reference to simulation experiments.
In order to verify the effectiveness of selecting different hash algorithms in the edge server by the uninstalling indication, the invention is provided with the following steps: (1) a Random Variable (RVPO) of the optimization scheme is proposed, and other variables are randomly selected with the original combined latency and authentication security level as optimization objectives. (2) The Fixed Variable (FVPO) that proposes the optimization scheme fixes the other variables, using the original optimization objective. (3) And (3) fixing a Fixed Variable (FVTO) of the time optimization scheme, fixing other variables and only taking time delay as an optimization target. (4) The Fixed Variable (FVSO) of the security optimization scheme, the other variables are fixed, with only the authentication security level as the optimization objective. As can be seen from fig. 8, the RVPO and the FVPO consistently select edge servers of different digest output lengths in the hashing mechanism. FVTO is more inclined to select edge servers with shorter hash output lengths, and FVSO is inclined to select edge servers with longer hash output lengths. The hash output length indicates the security of the authentication algorithm, which means that the FVTO will select the edge server with the shorter hash output length when the optimization goal is to reduce latency. When the authentication security level needs to be improved, the FVSO selects an edge server with a longer hash output length. The present invention combines these two goals, balancing time delay and authentication security level.
As can be seen from fig. 9, the larger the total calculation capability F, the smaller the target value. This will significantly reduce the time delay and target value, since more resources can be allocated to task execution as the maximum allowed computational resources increase. Current weight parameterAs the target value becomes larger, the ratio of the time delay to the target value becomes more prominent, thereby increasing the target value.
The invention also optimizes partial variables and randomly selects the rest variables to highlight the advantages of the proposal. The experiment set up the following protocol:
FSOR: and randomly selecting an unloading indication, and optimizing the packet transmission rate, the edge calculation frequency and the data block number.
FTOR: the scheme randomly selects a packet transmission rate, optimizes an unloading indication, an edge calculation frequency and a data block number.
FCOR: and randomly selecting an edge calculation frequency, and optimizing an unloading indication, a packet transmission rate and the number of data blocks.
FBOR: and randomly selecting the number of data blocks, and optimizing the unloading indication, the packet transmission rate and the edge calculation frequency.
FIG. 10 is a comparison of target values for different mobile devices and numbers of edge servers. It can be seen that the target value increases as the number of devices increases. The more edge servers that can be selected for the same number of devices, the lower the target value. This is because as the number of servers increases, more resource allocations can be provided. These schemes can optimize and select the optimal server. It is important to optimize the transmission rate of the data packets and the frequency of edge calculation, which has a large influence on the target value. The optimization of the number of data blocks is only a minor advantage, which can be understood by adding a small amount of signature data to the data packet and logarithmic calculation of the authentication security level.
Fig. 11 examines the target values of the comparison scheme at different total calculation powers F. As in the sense shown in fig. 9, when more computing resources are available, the delay of the edge server to perform the task is reduced, and therefore the target value is reduced accordingly. As can be seen from fig. 10, the optimization results for FTOR and FCOR are weaker, as can also be seen here. The scheme obtains a more remarkable target value optimization result by distributing the packet transmission rate and the edge calculation frequency. This is also related to the scaling factorIs relevant. The invention will authenticate the security levelSet to a very small value to bring the target value to a suitable expression range. However, the proposed solution still has advantages over other solutions.
FIG. 12 shows different scaling factors, respectivelyImpact on latency, authentication security level, and target value. As the scale factor increases, the proportion of the authentication security level in the target value gradually increases. It can be seen that the value of the authentication security level gradually increases, decreasing the target value. It is clear that,the impact on the delay is small. The invention can well balance time delay and authentication security level, and minimize the target value.
In the above embodiments, all or part of the implementation may be realized by software, hardware, firmware, or any combination thereof. When used in whole or in part, is implemented in a computer program product that includes one or more computer instructions. When loaded or executed on a computer, cause the flow or functions according to embodiments of the invention to occur, in whole or in part. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable device. The computer instructions may be stored in a computer readable storage medium or transmitted from one computer readable storage medium to another computer readable storage medium, for example, the computer instructions may be transmitted from one website, computer, server, or data center to another website, computer, server, or data center via wire (e.g., coaxial cable, fiber optic, Digital Subscriber Line (DSL), or wireless (e.g., infrared, wireless, microwave, etc.)). The computer-readable storage medium can be any available medium that can be accessed by a computer or a data storage device, such as a server, a data center, etc., that includes one or more of the available media. The usable medium may be a magnetic medium (e.g., floppy Disk, hard Disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., Solid State Disk (SSD)), among others.
The above description is only for the purpose of illustrating the present invention and the appended claims are not to be construed as limiting the scope of the invention, which is intended to cover all modifications, equivalents and improvements that are within the spirit and scope of the invention as defined by the appended claims.
Claims (8)
1. An authentication security level and resource optimization method for computation offload in an edge computing network, the authentication security level and resource optimization method for computation offload in the edge computing network comprising: initializing the edge calculation frequency and the number of data blocks of a Merkle signature tree, and setting the maximum iteration number and the maximum iteration precision; according to the edge calculation frequency and the data block number, obtaining an unloading indication and a transmission rate; obtaining an edge calculation frequency according to the unloading indication, the transmission rate and the number of the data blocks; calculating frequency according to the unloading indication, the transmission rate and the edge to obtain the number of data blocks; obtaining a target value according to the unloading indication, the transmission rate, the edge calculation frequency and the data block quantity; determining whether to circulate according to the maximum iteration number and the target value precision to obtain the optimal unloading indication, the transmission rate, the edge calculation frequency and the data block quantity;
the authentication security level and resource optimization method for computing offload in the edge computing network comprises the following steps:
step one, initializing Lagrangian dual variables mu (0), beta (0), v (0),Maximum number of iterations tmaxAnd the precision belongs to;
step two, making t equal to 0; t is the iteration index in the algorithm loop;
step three, when t is less than or equal to tmaxAccording to Lagrangian dual variables μ (t), β (t), v (t),Respectively obtaining an unloading indication x (t) and a packet transmission rate r (t) of unloading tasks and data, and obtaining new Lagrangian dual variables mu (t +1), beta (t +1), v (t +1) and the like according to the unloading indication x (t) and the transmission rate r (t),
Step four, if the two norms of the dual variable are less than the accuracy epsilon, obtaining the optimal unloading indication x*And a transmission rate r*(ii) a Otherwise, updating t to t +1, and executing the step three again;
step five, setting the minimum value N of the data block quantity intervall(0) And maximum value Nr(0) So that the optimum number of data blocks N*Satisfy Nl(0)≤N*≤Nr(0);
Step six, setting l to be 0, and setting the maximum iteration number lmax(ii) a l is the iteration index in the algorithm loop;
step seven, calculating Nz(l)=(Nl(l)+Nr(l) 2, if N | |)r(l)-Nl(l)||≥1,Nz(l) Means intermediate values of the interval of the number of data blocks, according to Nz(l) Obtain the function value F' (N)m(l))(ii) a If F' (N)m(l) Is greater than or equal to 0) and makes Nl(l+1)=Nl(l),Nr(l+1)=Nm(l) (ii) a Otherwise, Nl(l+1)=Nm(l),Nr(l+1)=Nr(l) (ii) a Otherwise, the optimal number of data blocks N*=Round(Nm(l));F'(Nm(l) A derivative function that is an objective function; round (·) is a computational representation that rounds data;
step eight, if l is less than or equal to lmaxIf yes, updating l to l +1, and executing the step seven again;
step nine, initializing the edge calculation frequency f (0) and the data block quantity N (0) of the Merkle signature tree, and setting the maximum iteration number mmaxAnd an accuracy η;
step ten, making m equal to 1; m is an iteration index in the algorithm loop;
step eleven, calculating frequency f (0) and data block quantity N (0) according to the edge, and executing step four to obtain unloading indication x (0) and transmission rate r (0);
step twelve, according to the unloading indication x (0), the transmission rate r (0), the edge calculation frequency f (0) and the data block number N (0), obtaining G (0); when G (0) is m is 0, optimizing the target initial value;
thirteen, when m is less than or equal to mmaxObtaining an edge calculation frequency f (m) according to the unloading indication x (m-1), the transmission rate r (m-1) and the data block number N (m-1), and executing a seventh step according to the unloading indication x (m-1), the transmission rate r (m-1) and the edge calculation frequency f (m-1) to obtain the data block number N (m); according to the edge calculation frequency f (m) and the data block quantity N (m), executing the fourth step to obtain an unloading indication x (m) and a transmission rate r (m); obtaining G (m) according to the unloading indication x (m), the transmission rate r (m), the edge calculation frequency f (m) and the data block number N (m); g (m) is an optimized target value of the mth iteration;
fourteen steps, if | | G (m) -G (m-1) | | is less than or equal to eta, obtaining the optimal unloading indication, transmission rate, edge calculation frequency and data block quantity; otherwise, updating m to m +1, and executing the step thirteen again;
in step three, the update of the dual variable is expressed as follows:
[·]+indicating that if the value is greater than 0, the original value is taken, if the value is less than 0, zero is taken, wherein,
t is the subscript of the iteration, m (t), n (t), j (t), and o (t) are all very small, non-negative steps, andσ2in order to be able to measure the power of the noise,andfor optimal replacement variables and optimal offloading decisions, NiAs a number of data blocks, SiIs the size of the original data volume, SkFor the output lengths of the different hash algorithms, f and UkI, maximum transmission energy consumption, minimum required security level, edge server computing power and number of serving mobile devices, respectively.
2. The method for authentication security level and resource optimization for computing offload in an edge computing network of claim 1, wherein in step four, the dual norm of the dual variable is expressed as follows:
||μ(t+1)-μ(t)||<∈,
||β(t+1)-β(t)||<∈,
||v(t+1)-v(t)||<∈,
the solved equations for the transmission rate r (t) and the unload indicator x (t) are:
b is the total bandwidth, gi,kIs the channel gain between i and k, where,
5. the method for authentication security level and resource optimization for computational offloading in an edge computing network as recited in claim 4, wherein in step twelve and step thirteen, the G is computed as follows:
6. An authentication security level and resource optimization system for computation offload in an edge computing network implementing the authentication security level and resource optimization method for computation offload in an edge computing network according to any of claims 1 to 5, wherein the authentication security level and resource optimization system for computation offload in an edge computing network comprises:
the initialization module is used for initializing the edge calculation frequency and the data block quantity of the Merkle signature tree and setting the maximum iteration number and the maximum iteration precision;
the unloading indication acquisition module is used for obtaining unloading indication and transmission rate according to the edge calculation frequency and the data block number;
the edge calculation frequency acquisition module is used for obtaining edge calculation frequency according to the unloading indication, the transmission rate and the data block quantity;
the data block quantity acquisition module is used for calculating frequency according to the unloading indication, the transmission rate and the edge to obtain the quantity of the data blocks;
the target value acquisition module is used for obtaining a target value according to the unloading indication, the transmission rate, the edge calculation frequency and the data block quantity;
and the loop judgment module is used for determining whether to loop according to the maximum iteration number and the target value precision to obtain the optimal unloading indication, the transmission rate, the edge calculation frequency and the data block quantity.
7. A computer arrangement comprising a memory and a processor, the memory storing a computer program which, when executed by the processor, causes the processor to carry out the steps of the method for authentication security level and resource optimization for computational offloading in an edge computing network according to any of claims 1 to 5.
8. An information data processing terminal, characterized in that the information data processing terminal is configured to implement an authentication security level and resource optimization system for computation offload in an edge computing network according to claim 6.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110883180.2A CN113795026B (en) | 2021-08-02 | 2021-08-02 | Authentication security level and resource optimization method for computing unloading in edge computing network |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110883180.2A CN113795026B (en) | 2021-08-02 | 2021-08-02 | Authentication security level and resource optimization method for computing unloading in edge computing network |
Publications (2)
Publication Number | Publication Date |
---|---|
CN113795026A CN113795026A (en) | 2021-12-14 |
CN113795026B true CN113795026B (en) | 2022-07-15 |
Family
ID=78877067
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110883180.2A Active CN113795026B (en) | 2021-08-02 | 2021-08-02 | Authentication security level and resource optimization method for computing unloading in edge computing network |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113795026B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115086316B (en) * | 2022-06-13 | 2023-03-14 | 西安电子科技大学 | Safety and resource allocation method for computing offload in joint optimization vehicle edge network |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11146455B2 (en) * | 2019-12-20 | 2021-10-12 | Intel Corporation | End-to-end quality of service in edge computing environments |
CN111163143B (en) * | 2019-12-21 | 2021-03-23 | 浙江大学 | Low-delay task unloading method for mobile edge calculation |
CN111556089A (en) * | 2020-03-16 | 2020-08-18 | 西安电子科技大学 | Resource joint optimization method based on enabling block chain mobile edge computing system |
CN112148380B (en) * | 2020-09-16 | 2022-04-12 | 鹏城实验室 | Resource optimization method in mobile edge computing task unloading and electronic equipment |
CN112512056B (en) * | 2020-11-14 | 2022-10-18 | 北京工业大学 | Multi-objective optimization calculation unloading method in mobile edge calculation network |
-
2021
- 2021-08-02 CN CN202110883180.2A patent/CN113795026B/en active Active
Also Published As
Publication number | Publication date |
---|---|
CN113795026A (en) | 2021-12-14 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111913723B (en) | Cloud-edge-end cooperative unloading method and system based on assembly line | |
CN110096362B (en) | Multitask unloading method based on edge server cooperation | |
US8676983B2 (en) | Balancing the loads of servers in a server farm based on an angle between two vectors | |
CN111556089A (en) | Resource joint optimization method based on enabling block chain mobile edge computing system | |
CN113747442B (en) | IRS-assisted wireless communication transmission method, device, terminal and storage medium | |
CN113795026B (en) | Authentication security level and resource optimization method for computing unloading in edge computing network | |
Li et al. | Security and energy-aware collaborative task offloading in D2D communication | |
CN113255004A (en) | Safe and efficient federal learning content caching method | |
CN116126130A (en) | Task unloading method for trusted edge server selection and energy consumption optimization | |
CN114968404A (en) | Distributed unloading method for computing task with position privacy protection | |
CN116669111A (en) | Mobile edge computing task unloading method based on blockchain | |
CN114390519B (en) | Wireless channel key generation method, device, equipment and storage medium | |
CN113490231B (en) | Usability guarantee method and device for network slice | |
CN113032149B (en) | Edge computing service placement and request distribution method and system based on evolution game | |
CN117176735A (en) | Self-adaptive selection method and system for block chain consensus mechanism based on cloud edge | |
CN113709817B (en) | Task unloading and resource scheduling method and device under multi-base-station multi-server scene | |
CN116367310A (en) | Maximum gain oriented channel allocation method for mobile edge calculation | |
CN112288433B (en) | Block chain consensus task processing system and method supporting edge-side cooperation | |
CN116089091A (en) | Resource allocation and task unloading method based on edge calculation of Internet of things | |
CN112685163B (en) | Calculation unloading method based on mobile edge calculation and mobile edge calculation server | |
CN112203309B (en) | Joint task unloading and caching method based on server cooperation | |
Hosseinzadeh et al. | Joint compression and offloading decisions for deep learning services in 3-tier edge systems | |
CN114520992A (en) | Method for optimizing time delay performance of fog access network based on cluster process | |
Li et al. | Adaptive Binary Whale Optimization Algorithm for Computation Offloading Optimization in Mobile Edge Computing | |
Li et al. | Suitability-based edge server placement strategy in 5G ultra-dense networks |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information |
Address after: 710071 Xi'an Electronic and Science University, 2 Taibai South Road, Shaanxi, Xi'an Applicant after: XIDIAN University Applicant after: Xi'an Lianrong Technology Co.,Ltd. Address before: 710071 Xi'an Electronic and Science University, 2 Taibai South Road, Shaanxi, Xi'an Applicant before: XIDIAN University Applicant before: XI'AN XIDIAN LIANRONG TECHNOLOGY Co.,Ltd. |
|
CB02 | Change of applicant information | ||
GR01 | Patent grant | ||
GR01 | Patent grant |