CN114741169B - Multi-task scheduling method for heterogeneous password computing service of load aggregation public service platform - Google Patents
Multi-task scheduling method for heterogeneous password computing service of load aggregation public service platform Download PDFInfo
- Publication number
- CN114741169B CN114741169B CN202210322061.4A CN202210322061A CN114741169B CN 114741169 B CN114741169 B CN 114741169B CN 202210322061 A CN202210322061 A CN 202210322061A CN 114741169 B CN114741169 B CN 114741169B
- Authority
- CN
- China
- Prior art keywords
- task
- password
- service
- vcm
- cryptographic
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000004220 aggregation Methods 0.000 title claims abstract description 28
- 230000002776 aggregation Effects 0.000 title claims abstract description 28
- 238000000034 method Methods 0.000 title claims description 32
- 238000004422 calculation algorithm Methods 0.000 claims abstract description 36
- 239000002245 particle Substances 0.000 claims description 30
- 230000003993 interaction Effects 0.000 claims description 13
- 238000013507 mapping Methods 0.000 claims description 13
- 230000002452 interceptive effect Effects 0.000 claims description 12
- 238000004364 calculation method Methods 0.000 claims description 10
- 230000006870 function Effects 0.000 claims description 10
- 230000008569 process Effects 0.000 claims description 9
- 238000005457 optimization Methods 0.000 claims description 8
- 239000011159 matrix material Substances 0.000 claims description 6
- 238000012549 training Methods 0.000 claims description 6
- 241001334134 Rugopharynx epsilon Species 0.000 claims description 4
- 125000003275 alpha amino acid group Chemical group 0.000 claims description 3
- 150000001875 compounds Chemical class 0.000 claims description 3
- 230000008602 contraction Effects 0.000 claims description 3
- 238000000354 decomposition reaction Methods 0.000 claims description 3
- 230000005484 gravity Effects 0.000 claims description 3
- 238000013178 mathematical model Methods 0.000 claims description 3
- 230000003247 decreasing effect Effects 0.000 claims 1
- 238000010586 diagram Methods 0.000 description 9
- 238000004590 computer program Methods 0.000 description 7
- 238000012545 processing Methods 0.000 description 4
- 238000003860 storage Methods 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 2
- 230000007423 decrease Effects 0.000 description 2
- 230000007547 defect Effects 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 238000007726 management method Methods 0.000 description 2
- 230000003044 adaptive effect Effects 0.000 description 1
- 230000003321 amplification Effects 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000002474 experimental method Methods 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000003199 nucleic acid amplification method Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000013468 resource allocation Methods 0.000 description 1
- 238000004088 simulation Methods 0.000 description 1
- 230000005428 wave function Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/48—Program initiating; Program switching, e.g. by interrupt
- G06F9/4806—Task transfer initiation or dispatching
- G06F9/4843—Task transfer initiation or dispatching by program, e.g. task dispatcher, supervisor, operating system
- G06F9/4881—Scheduling strategies for dispatcher, e.g. round robin, multi-level priority queues
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/23—Clustering techniques
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/53—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/004—Artificial life, i.e. computing arrangements simulating life
- G06N3/006—Artificial life, i.e. computing arrangements simulating life based on simulated virtual individual or collective life forms, e.g. social simulations or particle swarm optimisation [PSO]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
- G06F2009/45587—Isolation or security of virtual machine instances
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/50—Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate
Abstract
The invention relates to a load aggregation public service platform heterogeneous password computing service multitasking scheduling algorithm, which comprises the following steps: step 1, establishing a load aggregation platform password service architecture and a multi-task scheduling model for heterogeneous password computing resources by taking a maximum task security guarantee coefficient and a minimum system total completion time as targets; and 2, solving the multi-task scheduling model established in the step 1 by adopting a password service task scheduling algorithm to obtain the maximum task security guarantee coefficient and the minimum total system completion time. The invention can ensure the safe and efficient execution of the password service task.
Description
Technical Field
The invention belongs to the technical field of password service computing, relates to a heterogeneous password computing service multitasking algorithm, and particularly relates to a load aggregation public service platform heterogeneous password computing service multitasking method.
Background
With the idea of password management and control of cloud computing, password service computing is completed on a cloud computing platform. The existing cloud computing platform is to carry out equivalent virtualization on a hardware server and place an application in a virtual machine to complete computation. However, the smart grid has different security requirements with the password service of different services in the interaction system of the new energy automobile, and the high security or core computing task must be executed in a special physical password machine. Therefore, a novel mixed bottom hardware platform architecture with coexisting physical crypto machines (Physical Cryptographic Machine, PCM) and virtual crypto machines (Virtual Cryptographic Machine, VCM) is formed, which is a special requirement for password management and control of a vehicle-network interactive load aggregation public service platform, and is essentially different from the existing general cloud computing platform. At present, no task scheduling algorithm aiming at the new bottom hardware platform exists so as to exert the safety of the physical cipher machine and the computing efficiency of the virtual cipher machine to the maximum extent.
In recent years, many scholars have conducted related studies on cryptographic services. In terms of cryptographic computing modes, researchers discuss security quality optimization problems in real-time PCM computing systems, or propose providing security services for the power internet of things with virtual cryptographic service clouds. However, the single PCM computing resource is not elastically expandable, and the cryptographic operation is inefficient. The single VCM password calculation mode has network potential safety hazards such as virtualized software loopholes, virtualized operation and maintenance defects and the like. Meanwhile, in the aspect of task scheduling algorithm optimization, some researchers propose a distributed table driving task scheduling method based on GA and DAG graphs. Some researchers propose a workflow scheduling method based on the free time slots of the security tasks. However, the above cryptographic task scheduling algorithm cannot realize the adaptive allocation of tasks in heterogeneous cryptographic computing resources.
No prior art publication is found, which is the same or similar to the present invention, upon searching.
Disclosure of Invention
The invention aims to overcome the defects of the prior art, and provides a load aggregation public service platform heterogeneous password computing service multitasking method, which can solve the technical problems that the security and timeliness satisfaction of the large-scale vehicle network interaction load aggregation public service platform password service task computing reach expectations at the same time.
The invention solves the practical problems by adopting the following technical scheme:
a multi-task scheduling method for heterogeneous password computing service of a load aggregation public service platform comprises the following steps:
step 1, establishing a load aggregation platform password service architecture and a multi-task scheduling model for heterogeneous password computing resources by taking a maximum task security guarantee coefficient and a minimum system total completion time as targets;
and 2, solving the multi-task scheduling model established in the step 1 by adopting a password service task scheduling algorithm to obtain the maximum task security guarantee coefficient and the minimum total system completion time.
Moreover, the specific steps of the step 1 include:
(1) Establishing a password service task and an operation node model:
the load aggregation platform password service system is a password service task set T ask And operation node set c= { C p ,C v A combination of n cryptographic service task sequences denoted as T ask ={T 1 ,T 2 ,…,T n },T i Represents the ith cryptographic task in the task group, i e {1,2, …, n }, the variables represent task ID information, task submission time, task start execution time, deadline, execution time, service command, execution algorithm, and security level in order. All tasks in a task sequence +.>The same applies. />For the password calculation resource requirement, r epsilon {1,2,3,4}, which sequentially represent CPU resources, memory resources, hard disk resources and password card I/O port throughput.
Wherein, the operation node set c= { C p ,C v By PCM operation node C p And VCM operation node C v Composition is prepared. C (C) p ={C p1 ,C p2 ,…,C pm },C pj For the j-th PCM, j e {1,2, …, m }, C v ={C v1 ,C v2 ,…,C vl },C vk for the kth VCM, k ε {1,2, …, l }, -A }> VCM host is independently deployed and exclusive of the whole host, C vko Then it is VCM No. k in host H.
(a)ID number for physical crypto-machine j, +.>Is the ID number of virtual crypto-machine k.
(b)And->r epsilon {1,2,3,4}, which in turn represent CPU resource attributes, memory resource attributes, hard disk resource attributes, crypto card I/O port throughput, +.>
(2) And establishing a password service task scheduling model by taking the maximum task security guarantee coefficient and the minimum system total completion time as targets:
the cryptographic service task schedule is defined as a function of the cryptographic service task mapping to the compute node C:
f:T→C (1)
assigning cryptographic service tasks to PCM and VCM are defined as related to respectivelyAnd->The binary variables of (2) and (3) are shown in the formula. Equation (4) defines the system security decision amount +.>1 and 0.5 respectively:
taking the maximum task security guarantee coefficient formula (5) and the minimum system total completion time formula (6) as optimization targets, the password service task scheduling mathematical model is as follows:
constraint 1:
constraint 2:
constraint 3:
in the formula (6), the amino acid sequence of the compound,and->Earliest total completion time for the PCM and VCM node egress password service tasks, respectively, +.>The execution time of the task at the minimum cryptographic operation unit is exported for the task sequence. Formula (7) constrained cryptographic service tasks will be allocated to at least PCM or VCM running node execution; equation (8) indicates that the cryptographic service task should be performed to completion before the task deadline; equation (9) indicates that when the cryptographic service task SAL is 4, the task must be performed in PCM.
Moreover, the specific steps of the step 2 include:
(1) Cryptographic service task clustering
Based on the G-dimensional characteristic attribute samples of n password service tasks, the distance judgment between the DEC embedded center and the initial clustering center is improved by using the weighted Markov distance, and the specific calculation steps are as follows:
a. calculating the specific gravity of the characteristic attribute g of the task i in the sample set:
in the middle ofAnd g characteristic attribute data standard values for the ith task.
b. Calculating information entropy E of g-th characteristic attribute in sample set n g :
c. From the entropy of information E g Calculating entropy weight psi of characteristic attribute g g :
Defining a cryptographic service task sample T assuming that the characteristic attributes in the sample are mutually uncorrelated i And T i The 'weighted mahalanobis distance' is as follows:
in the middle ofIs a task feature attribute weight matrix, +.>The covariance generalized inverse matrix is a characteristic attribute.
Calculating the embedding point z according to (12) i And cluster centerμ s Then calculates the embedding point z according to equation (13) i And cluster centerμ s Is a weighted mahalanobis distance phi md (z) i ,μ s ). And (3) referring to the training process of the DEC model, and obtaining the optimal password task feature estimation and clustering center through continuous training.
(2) Virtual cryptographic machine creation and matching
Virtual password service cluster based on vehicle network interaction service is created by taking vehicle network interaction service type as core principle of password task decomposition<C vm Business>According to the attribute of the password service task IDMatching the task to a corresponding vehicle network interactive password task server; then, calculating resource demand data based on the historical password service task, and analyzing each resource type task in the same vehicle network interactive service and the total submission of the serviceThe ratio of the transaction numbers, Ω, as in equation (14), creates a VCM class<C vm Class>;
In I T class The I represents the total number of password tasks of a type of vehicle network interaction service, and the I Tclass rho I represents a set T class Calculating the cipher service task number with the resource type of ρ, ρ=1, 2 and … K number 。
The comprehensive matching degree of the naive Bayes theory-based password service task and the VCM class consists of the matching degree of each computing resource, and the matching degree of the task i and the r-th computing attribute of the virtual password machine k is expressed as follows:
where r.epsilon. {1,2,3,4},therefore->And when->The higher the value, the higher the matching degree of the password service task and the r-th attribute of the VCM.
The comprehensive matching degree of the password service task i and the virtual password machine k is defined as follows:
when the value of the xi (Cvk|Tclass i) is maximum, judging the task i and the virtual passwordMachine for making foodThe best match, task i, is scheduled to this class of VCM.
Minimum cipher operation unit C vk Constitutes a VCM class, whose computational attributes are related to the VCM class. The minimum cryptographic operation unit creates a constraint that satisfies:
in the middle ofCPU computing resource representing kth VCM in the (O) th host, O CPU Indicating the total amount of host CPU resources.
(3) Quantum particle swarm QPSO-based password service task mapping
The real number coding mode is adopted, and the position information of the particles represents the password service task T class In virtual cryptographic machineMapping relation. The QPSO particle location update equation is as follows:
Pb ik =σ×Pb ik +(1-σ)×Gb (19)
wherein ik= (1, 2, …, N) particle ),Pb ik Gb is the global optimal position of the particle population, eta and sigma are random values between (0, 1), mb is the average optimal position of all particles, N particle T is the total number of particles ite For the number of iterations, tite max is the maximum number of iterations, ζ is the coefficient of contraction expansion, ζ= (ζ) max -ζ min )×(tite max-t ite )/tite max+ζ min ,ζ∈[ζ max ,ζ min ]Typically, the value decreases linearly from 1.0 to 0.5. In the virtual cryptographic machine execution environment, the completion time of the VCM exit cryptographic task is minimized as an fitness function.
In the method, in the process of the invention,the task sequence is respectively the task execution time, the starting time and the submitting time.
The invention has the advantages and beneficial effects that:
1. the invention provides a load aggregation public service platform heterogeneous password computing service multi-task scheduling method, which comprises the steps of firstly, designing a multi-task scheduling model considering safety and efficiency aiming at a heterogeneous password computing service mode. Secondly, an improved deep embedded clustering (Development Deep embedding clustering, DDEC) algorithm is adopted to determine the execution scene of the task, the high-security-level low-resource-consumption task is distributed to the PCM, the low-security-level high-resource-consumption task is distributed to the VCM, and the maximum utilization of the PCM security and the VCM calculation efficiency is realized. And finally, matching the password operation service operation unit based on the task service ID and the password service task resource, and reducing the complexity of scheduling the password service task of the vehicle network interactive load aggregation service platform. Aiming at the safety and timeliness requirements of a novel hybrid password computing resource password service system, the invention provides a load aggregation public service platform heterogeneous password computing service multitasking method, which ensures safe and efficient execution of password service tasks.
2. Aiming at a novel mixed computing mode of combining PCM and VCM for the cryptographic computing of a cryptographic service system of a load aggregation platform, a safe and efficient computing resource allocation algorithm is researched, and a multi-task scheduling model for heterogeneous cryptographic computing service of the load aggregation platform is established.
3. The invention provides a password service task execution scene dispatching method based on improved deep embedding clustering. And amplifying the characteristic attribute importance differences such as task ID, computing resources, security level and the like by using the information entropy weighted Markov distance, determining the task category, judging the execution scene of the task and meeting the requirements of system security and timeliness.
4. The invention provides a naive Bayes-based password service task quick matching method based on the characteristics of multi-round interaction and confidentiality in the password service task scheduling process, and reduces the complexity of the task to VCM dispatching process. Meanwhile, the mapping rule from the task to the minimum password operation unit is optimized based on the quantum particle swarm algorithm so as to optimize the task completion time.
Drawings
FIG. 1 is a diagram of a multi-task scheduling architecture for heterogeneous cryptographic computing services of a load-oriented aggregated common services platform of the present invention;
FIG. 2 is a schematic diagram of VCM creation based on vehicle network interactive service type of the present invention;
FIG. 3 is a graph of the cryptographic service task clustering effect of the present invention;
FIG. 4 is a cryptographic resource utilization schematic of the present invention;
fig. 5 is a schematic diagram of a service level agreement breach rate of the present invention.
Detailed Description
Embodiments of the invention are described in further detail below with reference to the attached drawing figures:
the invention provides a load aggregation public service platform heterogeneous password computing service multitasking scheduling method. Firstly, considering the necessity of PCM for task execution safety and the high efficiency of VCM in a password service system of a load aggregation service platform, the invention provides a multi-task scheduling model of the password service of the load aggregation platform for heterogeneous password computing resources by taking the maximum task security guarantee coefficient and the minimum total system completion time as targets. Secondly, a password service task execution scene dispatching method based on an improved deep embedding clustering algorithm is provided. And amplifying importance among attributes by using information entropy weight of task features, accurately judging task types by using weighted mahalanobis distance as a criterion of sample clustering, and determining that the password task is executed in the PCM or the VCM. Finally, a password service cluster is established based on the vehicle network interaction service type carried by the password task, and the password operation node suitable for task computing resources is matched based on the naive Bayes principle, so that the task scheduling complexity is reduced.
A multi-task scheduling method for heterogeneous password computing service of a load aggregation public service platform comprises the following steps:
step 1, establishing a load aggregation platform password service architecture and a multi-task scheduling model for heterogeneous password computing resources by taking a maximum task security guarantee coefficient and a minimum system total completion time as targets;
the specific steps of the step 1 comprise:
(1) Establishing a password service task and an operation node model:
the load aggregation platform password service system is a password service task set T ask And operation node set c= { C p ,C v A combination of n cryptographic service task sequences denoted as T ask ={T 1 ,T 2 ,…,T n },T i Represents the ith cryptographic task in the task group, i e {1,2, …, n }, all tasks in a task sequence +.>The same applies. />For the password calculation resource requirement, r epsilon {1,2,3,4}, which sequentially represent CPU resources, memory resources, hard disk resources and password card I/O port throughput.
The specific meanings of the parameters are as follows:
TABLE 1 Cryptographic service task Attribute parameters
The security performance requirements of different tasks in the password service system of the load aggregation service platform are different. Referring to nistin-7628 and IEC62443, the more important the end and user-carried vehicle network interactive services, the higher their cryptographic service traffic importance, the higher the cryptographic service security assurance level (Security Assurance Level, SAL) and the greater the SAL value.
Operation node set c= { C p ,C v By PCM operation node C p And VCM operation node C v Composition is prepared. C (C) p ={C p1 ,C p2 ,…,C pm },C pj For the j-th PCM, j e {1,2, …, m },C v ={C v1 ,C v2 ,…,C vl },C vk for the kth VCM, k ε {1,2, …, l }, -A }>VCM host is independently deployed and exclusive of the whole host, C vko Then it is VCM No. k in host H.
(a)ID number for physical crypto-machine j, +.>Is the ID number of virtual crypto-machine k.
(b)And->r.epsilon. {1,2,3,4}, which in turn represent CPU resource attribute, memory resource attribute, hard disk resource attribute, cipher card I/O port throughput,/and so on>
(2) And establishing a password service task scheduling model by taking the maximum task security guarantee coefficient and the minimum system total completion time as targets:
the cryptographic service task schedule is defined as a function of the cryptographic service task mapping to the compute node C:
f:T→C (1)
the invention assigns cryptographic service tasks to PCM and VCM as defined separately forAnd-> The binary variables of (2) and (3) are shown in the formula. Equation (4) defines the amount of system security decisions when cryptographic tasks are dispatched to PCM and VCM execution1 and 0.5, respectively.
Taking a maximum task security factor (Task Safety Factor, TSF) formula (5) and a minimum Total system completion Time (TM) formula (6) as optimization targets, the cryptographic service task scheduling mathematical model is as follows:
constraint 1:
constraint 2:
constraint 3:
in the formula (6), the amino acid sequence of the compound,and->Earliest total completion time for the PCM and VCM node egress password service tasks, respectively, +.>The execution time of the task at the minimum cryptographic operation unit is exported for the task sequence. Formula (7) constrained cryptographic service tasks will be allocated to at least PCM or VCM running node execution; equation (8) indicates that the cryptographic service task should be performed to completion before the task deadline; equation (9) indicates that when the cryptographic service task SAL is 4, the task must be performed in PCM.
And 2, solving the multi-task scheduling model established in the step 1 by adopting a password service task scheduling algorithm to obtain the maximum task security guarantee coefficient and the minimum total system completion time.
As shown in FIG. 1, the invention provides a multi-task scheduling architecture for heterogeneous password computing services of a load aggregation public service platform, which consists of four main modules, namely password service task clustering, virtual password machine creation, matching of tasks and operation node classes, and mapping of tasks to a minimum password operation unit.
The specific steps of the step 2 include:
(1) Cryptographic service task clustering
The invention improves the traditional deep embedded clustering algorithm, amplifies the importance of the characteristic attribute of the password service task, and ensures that the task clustering effect meets the performance requirement of the password service system. Based on the improved DEC algorithm, task execution scenes are determined according to task feature attribute self-adaptive completion password service task clustering.
Based on the G-dimensional characteristic attribute samples of n password service tasks, the distance judgment between the DEC embedded center and the initial clustering center is improved by using the weighted Markov distance, and the specific calculation steps are as follows:
a. calculating the specific gravity of the characteristic attribute g of the task i in the sample set:
in the middle ofAnd g characteristic attribute data standard values for the ith task.
b. Calculating information entropy E of g-th characteristic attribute in sample set n g :
c. From the entropy of information E g Calculating entropy weight psi of characteristic attribute g g :
Defining a cryptographic service task sample T assuming that the characteristic attributes in the sample are mutually uncorrelated i And T i The 'weighted mahalanobis distance' is as follows:
in the middle ofIs a task feature attribute weight matrix, +.>The covariance generalized inverse matrix is a characteristic attribute.
Calculating the embedding point z according to (12) i And cluster centerμ s Then calculates the embedding point z according to equation (13) i And cluster centerμ s Is a weighted mahalanobis distance phi md (z) i ,μ s ). And (3) referring to the training process of the DEC model, and obtaining the optimal password task feature estimation and clustering center through continuous training.
(2) Virtual cryptographic machine creation and matching
The practical application condition of the load aggregate external password service system shows that the password service tasks submitted by different terminals and users at the same time are mutually independent, and the password service tasks submitted by the same terminals and users with strong correlation are packaged according to the password service business instruction types. The invention creates a virtual password service cluster based on the vehicle network interactive service by taking the vehicle network interactive service type as the core principle of password task decomposition<C vm Business>According to the attribute of the password service task IDMatching tasks to corresponding vehicle network interaction passwordsAnd the task server side. Then, calculating resource demand data based on the historical password service task, analyzing the ratio omega of each resource type task in the same vehicle network interactive service to the total submitted task number of the service, and creating VCM class as shown in formula (14)<C vm Class>As shown in fig. 2.
In I T class The I represents the total number of password tasks of a type of vehicle network interaction service,representing a set T class Calculating the cipher service task number with the resource type of ρ, ρ=1, 2 and … K number 。
The comprehensive matching degree of the naive Bayes theory-based password service task and the VCM class consists of the matching degree of each computing resource, and the matching degree of the task i and the r-th computing attribute of the virtual password machine k is expressed as follows:
where r.epsilon. {1,2,3,4},therefore->And when->The higher the value, the higher the matching degree of the password service task and the r-th attribute of the VCM.
The comprehensive matching degree of the password service task i and the virtual password machine k is defined as follows:
when (when)When the value is maximum, judging task i and the virtual cryptographic machine of the class +.>The best match, task i, is scheduled to this class of VCM.
Minimum cipher operation unit C vk Constitutes a VCM class, whose computational attributes are related to the VCM class. The minimum cryptographic operation unit creates a constraint that satisfies:
in the middle ofCPU computing resource representing kth VCM in the (O) th host, O CPU Indicating the total amount of host CPU resources.
(3) Quantum particle swarm QPSO-based password service task mapping
After the best task is matched with the VCM, the part of task sequence still has the characteristics of more loaded terminal types, more data volume and more password service types. These tasks have similar computing resource attributes but different execution times and deadlines, and the tasks are independent of each other, resulting in uncertainty in the execution time of the scheduled task. Therefore, the invention adopts quantum particle swarm algorithm (Quantum Particle Swarm Optimization, QPSO) to complete the mapping from the partial task scheduling to the minimum password operation unit, and determines the task execution position and execution sequence so as to realize the optimization problem of task execution time. The QPSO algorithm is different from the conventional particle swarm optimization algorithm, which describes the position state of particles in the quantum space using a wave function, and uses only the position parameters to determine the convergence speed and position information of the particles, as shown in equation (19).
Compared with the traditional PSO algorithm, the QPSO algorithm has the advantages of high-efficiency global searching capability, simpler algorithm structure, wider problem solving range and the like. The proper cryptographic task T has been created in the front section class Virtual crypto-machine class(s). The invention adopts a real number coding mode, and the position information of particles represents a password service task T class In virtual cryptographic machineMapping relation. The QPSO particle location update equation is as follows:
Pb ik =σ×Pb ik +(1-σ)×Gb (19)
Pb ik (t ite +1)=Pb ik ±ζ·|Mb-Pb ik (t ite )|·ln(1/η) (21)
wherein ik= (1, 2, …, N) particle ),Pb ik Gb is the global optimal position of the particle population, eta and sigma are random values between (0, 1), mb is the average optimal position of all particles, N particle T is the total number of particles ite For the iteration number, titemax is the maximum iteration number, ζ is the coefficient of contraction and expansion, ζ= (ζ) max -ζ min )×(tite max-t ite )/tite max+ζ min ,ζ∈[ζ max ,ζ min ]Typically, the value decreases linearly from 1.0 to 0.5. In the virtual cryptographic machine execution environment, the completion time of the VCM exit cryptographic task is minimized as an fitness function.
In the method, in the process of the invention,the task sequence is respectively the task execution time, the starting time and the submitting time.
The invention is further illustrated by the following examples:
1) Experimental environment
Experiments were completed based on Cloudsim and semi-physical simulation platforms. The password computing device PCM adopts 4 SJJ1009 (X) physical password machines, a minimum linux operating system, a 10-core 3.3GHz CPU, the maximum throughput of an I/O port of a password card of an operating memory 2GB,HD 2G,1000Mbps, the VCM adopts a SJJ1601 cloud service password machine, an E5-2670V3 type 12-core 2.3GHz CPU, the maximum throughput of an I/O port of the password card of 32GB, HD 160G, the maximum throughput of the operating system OpenSuse13.2 and the maximum support of creating 32 VCM.
The calculation example analysis adopts 15000 typical vehicle network interaction business password service task data within 1 day of a power company load aggregation service platform, wherein the data comprise marketing data encryption business, user and equipment authentication business, user data storage business, charging pile metering business and key encryption protection business password service requests (task proportion is 1:2:1:4:2). The partial password service task attributes are shown in table 2.
Table 2 cryptographic service task attributes
The present invention compares the proposed Clustering Mapping Scheduling (CMS) algorithm to EDF, TSS and NSGA II scheduling algorithms for performance. The contrast algorithm task to execution scenario takes the form of random allocation.
2) Scheduling algorithm performance
A password service task clustering
And based on the vehicle network interactive password service task characteristic attribute data, the password service task clustering is realized, and two types of tasks of high security level/low resource consumption task and low security level/high resource consumption are formed.
As shown in fig. 3, the type a task appears as a high security level/low resource consumption task, executing in PCM; type B tasks appear as low security level/high resource consumption tasks, executing in the VCM. Meanwhile, it is known that the task number of type a is 33.68% of the total task number, and the task number of type B is 66.32%. The invention improves the significance amplification of the task attributes by the DEC algorithm, is more beneficial to the realization of the determination of the execution scene of the password service task and solves the problems of safety and resource boundary ambiguity during the division of the password task.
B-password I/O resource utilization
The cryptographic I/O resource utilization (I/O resource utilization) reflects heterogeneous cryptographic computing resource utilization. The calculation mode is shown as a formula (23).
U Resource =T Throughput /B max (23)
Wherein: u (U) Resource The I/O resource utilization rate of the password card is used; t (T) Throughput B for cryptographic card I/O throughput max Is the maximum throughput bandwidth.
FIG. 4 shows the variation of I/O resource utilization rate of a cryptographic card along with the total number of cryptographic service tasks, wherein two dotted lines respectively represent 70% -85% of the upper and lower bounds of the optimal cryptographic computing resource utilization rate. When the total number of the password tasks n=1000, the password resource utilization rate of the three scheduling algorithms is not more than 3%; when n=5223, the corresponding Utilization of the method is improved to 70%, and the number of tasks is still kept below 85% along with the increase of the number of tasks. The TSS algorithm Utilization is always lower than 70% when the task number is less than 9950, and the NSGAII algorithm has a Utilization value greater than 85% after the task number exceeds 7656, so that the condition of overload of password resource use occurs.
C service level agreement default rate
Wherein:the coefficient demand is ensured for the task safety,/>for task completion time demand, < >>For the security assurance actual value, +.>To complete the time actual value.
As shown in fig. 5, the SLA breach rate corresponding to the CMS scheduling algorithm of the present invention is always kept to be the lowest, and the rate of increase is the lowest as the tasks increase. When the total number of password service tasks n is 15000, the corresponding SLA violating rate of the CMS algorithm is 12.7%, which is reduced by 48.2% compared with the TSS algorithm and by 33.9% compared with the NSGA II algorithm. The CMS scheduling algorithm is used for adaptively distributing tasks to different password operation nodes according to service requirements, so that the safety guarantee and the efficiency of executing various types of tasks are met.
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
Claims (1)
1. A multi-task scheduling method for heterogeneous password computing service of a load aggregation public service platform is characterized by comprising the following steps of: the method comprises the following steps:
step 1, establishing a load aggregation platform password service architecture and a multi-task scheduling model for heterogeneous password computing resources by taking a maximum task security guarantee coefficient and a minimum system total completion time as targets;
step 2, solving the multi-task scheduling model established in the step 1 by adopting a password service task scheduling algorithm to obtain a maximum task security guarantee coefficient and minimum total system completion time;
the specific steps of the step 1 comprise:
(1) Establishing a password service task and an operation node model:
the load aggregation platform password service system is a password service task set T ask And operation node set c= { C p ,C v A combination of n cryptographic service task sequences denoted as T ask ={T 1 ,T 2 ,…,T n },T i Represents the ith cryptographic task in the task group, i e {1,2, …, n },
the saidSequentially representing task ID information, task submitting time, task starting execution time, deadline, execution time, service command, execution algorithm and security level; all tasks in a task sequence +.>The same; />For the password calculation resource requirement, r epsilon {1,2,3,4}, which sequentially represent CPU resources, memory resources, hard disk resources and password card I/O port throughput;
operation node set c= { C p ,C v By physical crypto-engine PCM operation node C p And virtual crypto-machine VCM operational node C v Composition; c (C) p ={C p1 ,C p2 ,…,C pm },C pj For the j-th PCM, j e {1,2, …, m },C v ={C v1 ,C v2 ,…,C vl },C vk for the kth VCM, k ε {1,2, …, l }, -A }>VCM host is independently deployed and exclusive of the whole host, C vko Then the VCM is the kth VCM in the (o) th host H;
(a)ID number for physical crypto-machine j, +.>ID number for virtual crypto-machine k;
(b)and->r epsilon {1,2,3,4}, which in turn represent CPU resource attributes, memory resource attributes, hard disk resource attributes, crypto card I/O port throughput, +.>
(2) And establishing a password service task scheduling model by taking the maximum task security guarantee coefficient and the minimum system total completion time as targets:
the cryptographic service task schedule is defined as a function of the cryptographic service task mapping to the compute node C:
f:T→C (1)
assigning cryptographic service tasks to PCM and VCM are defined as related to respectivelyAnd->The binary variables of (a) are shown as the formula (2) and the formula (3); equation (4) defines the system security decision amount +.>1 and 0.5 respectively:
taking the maximum task security guarantee coefficient formula (5) and the minimum system total completion time formula (6) as optimization targets, the password service task scheduling mathematical model is as follows:
constraint 1:
constraint 2:
constraint 3:in the formula (6), the amino acid sequence of the compound, and->Earliest total completion time for the PCM and VCM node egress password service tasks, respectively, +.>The execution time of the task at the minimum password operation unit is exported for the task sequence; formula (7) constrained cryptographic service tasks will be allocated to at least PCM or VCM running node execution; equation (8) indicates that the cryptographic service task should be performed to completion before the task deadline; equation (9) indicates that when the cryptographic service task SAL is 4, the task must be performed in PCM;
the specific steps of the step 2 include:
(1) Cryptographic service task clustering
Based on the G-dimensional characteristic attribute samples of n password service tasks, the distance judgment between the DEC embedded center and the initial clustering center is improved by using the weighted Markov distance, and the specific calculation steps are as follows:
a. calculating the specific gravity of the characteristic attribute g of the task i in the sample set:
in the middle ofThe standard value of the characteristic attribute data of the ith task g is the standard value of the characteristic attribute data of the ith task g;
b. calculating information entropy E of g-th characteristic attribute in sample set n g :
c. From the entropy of information E g Calculating entropy weight psi of characteristic attribute g g :
Defining a cryptographic service task sample T assuming that the characteristic attributes in the sample are mutually uncorrelated i And T i The 'weighted mahalanobis distance' is as follows:
in the middle ofIs a task feature attribute weight matrix, +.>The covariance generalized inverse matrix is a characteristic attribute;
calculating the embedding point z according to (12) i And cluster centerμ s Then calculates the embedding point z according to equation (13) i And cluster centerμ s Is a weighted mahalanobis distance phi md (z) i ,μ s ) The method comprises the steps of carrying out a first treatment on the surface of the Referring to the training process of the DEC model, obtaining the optimal password task characteristic estimation and clustering center through continuous training;
(2) Virtual cryptographic machine creation and matching
Virtual password service cluster based on vehicle network interaction service is created by taking vehicle network interaction service type as core principle of password task decomposition<C vm Business>According to the attribute of the password service task IDMatching the task to a corresponding vehicle network interactive password task server; then, calculating resource demand data based on the historical password service task, and analyzing each resource type task and the industry in the same vehicle network interactive serviceRatio of total submitted task number Ω, as in equation (14), creates VCM class<C vm Class>;
In I T class The I represents the total number of password tasks of a type of vehicle network interaction service,representing a set T class Calculating the cipher service task number with the resource type of ρ, ρ=1, 2 and … K number ;
The comprehensive matching degree of the naive Bayes theory-based password service task and the VCM class consists of the matching degree of each computing resource, and the matching degree of the task i and the r-th computing attribute of the virtual password machine k is expressed as follows:
where r.epsilon. {1,2,3,4},therefore->And when->The higher the value is, the higher the matching degree of the password service task and the attribute of the r-th item of the VCM is;
the comprehensive matching degree of the password service task i and the virtual password machine k is defined as follows:
when (when)When the value is maximum, judging task i and the virtual cryptographic machine of the class +.>Best match, i.e., task i is scheduled to the class VCM;
minimum cipher operation unit C vk Constitutes a VCM class, the computational attributes of which are related to the VCM class; the minimum cryptographic operation unit creates a constraint that satisfies:
in the middle ofCPU computing resource representing kth VCM in the (O) th host, O CPU Representing the total amount of host CPU resources;
(3) Quantum particle swarm QPSO-based password service task mapping
The real number coding mode is adopted, and the position information of the particles represents the password service task T class In virtual cryptographic machineMapping relation; the QPSO particle location update equation is as follows:
Pb ik =σ×Pb ik +(1-σ)×Gb (19)
Pb ik (t ite +1)=Pb ik ±ζ·|Mb-Pb ik (t ite )|·ln(1/η) (21)
wherein ik= (1, 2, …, N) particle ),Pb ik Gb is the global optimal position of the particle population, eta and sigma are random values between (0, 1), mb is the average optimal position of all particles, N particle T is the total number of particles ite For the number of iterations,for maximum number of iterations ζ is the coefficient of contraction expansion, +.>ζ∈[ζ max ,ζ min ]The value is generally linearly decreased from 1.0 to 0.5; in the virtual cryptographic machine execution environment, taking the completion time of the minimum VCM export cryptographic task as an fitness function;
in the method, in the process of the invention,the task sequence is respectively the task execution time, the starting time and the submitting time.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210322061.4A CN114741169B (en) | 2022-03-30 | 2022-03-30 | Multi-task scheduling method for heterogeneous password computing service of load aggregation public service platform |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210322061.4A CN114741169B (en) | 2022-03-30 | 2022-03-30 | Multi-task scheduling method for heterogeneous password computing service of load aggregation public service platform |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114741169A CN114741169A (en) | 2022-07-12 |
| CN114741169B true CN114741169B (en) | 2024-02-13 |
Family
ID=82276800
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210322061.4A Active CN114741169B (en) | 2022-03-30 | 2022-03-30 | Multi-task scheduling method for heterogeneous password computing service of load aggregation public service platform |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114741169B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116108474B (en) * | 2023-04-13 | 2023-06-30 | 深圳奥联信息安全技术有限公司 | Big data system password service method and system |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109361517A (en) * | 2018-08-21 | 2019-02-19 | 西安得安信息技术有限公司 | A kind of virtualization cloud cipher machine system and its implementation based on cloud computing |
| CN109615143A (en) * | 2018-12-18 | 2019-04-12 | 中国民航大学 | Wide-area Measurement Information management system task schedule ant colony optimization algorithm based on multi-QoS constraint |
| CN110321695A (en) * | 2019-07-11 | 2019-10-11 | 成都卫士通信息产业股份有限公司 | Big data system password method of servicing, device |
| CN110572258A (en) * | 2019-07-24 | 2019-12-13 | 中国科学院数据与通信保护研究教育中心 | Cloud password computing platform and computing service method |
| CN111541646A (en) * | 2020-03-24 | 2020-08-14 | 成都国泰网信科技有限公司 | Method for enhancing security service access capability of cipher machine |
| CN113411369A (en) * | 2020-03-26 | 2021-09-17 | 山东管理学院 | Cloud service resource collaborative optimization scheduling method, system, medium and equipment |
| CN113411209A (en) * | 2021-05-31 | 2021-09-17 | 中国电力科学研究院有限公司 | Distributed password service full-link detection system and method |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110851272B (en) * | 2019-10-30 | 2022-02-11 | 内蒙古农业大学 | Cloud task scheduling method based on phagocytic particle swarm genetic hybrid algorithm |
-
2022
- 2022-03-30 CN CN202210322061.4A patent/CN114741169B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109361517A (en) * | 2018-08-21 | 2019-02-19 | 西安得安信息技术有限公司 | A kind of virtualization cloud cipher machine system and its implementation based on cloud computing |
| CN109615143A (en) * | 2018-12-18 | 2019-04-12 | 中国民航大学 | Wide-area Measurement Information management system task schedule ant colony optimization algorithm based on multi-QoS constraint |
| CN110321695A (en) * | 2019-07-11 | 2019-10-11 | 成都卫士通信息产业股份有限公司 | Big data system password method of servicing, device |
| CN110572258A (en) * | 2019-07-24 | 2019-12-13 | 中国科学院数据与通信保护研究教育中心 | Cloud password computing platform and computing service method |
| CN111541646A (en) * | 2020-03-24 | 2020-08-14 | 成都国泰网信科技有限公司 | Method for enhancing security service access capability of cipher machine |
| CN113411369A (en) * | 2020-03-26 | 2021-09-17 | 山东管理学院 | Cloud service resource collaborative optimization scheduling method, system, medium and equipment |
| CN113411209A (en) * | 2021-05-31 | 2021-09-17 | 中国电力科学研究院有限公司 | Distributed password service full-link detection system and method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114741169A (en) | 2022-07-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107491341B (en) | A kind of virtual machine distribution method based on particle group optimizing | |
| CN110096349A (en) | A kind of job scheduling method based on the prediction of clustered node load condition | |
| CN108874538B (en) | Scheduling server, scheduling method and application method for scheduling quantum computer | |
| CN102799957A (en) | Scientific work flow scheduling method with safe perception under cloud calculation environment | |
| CN111813506A (en) | Resource sensing calculation migration method, device and medium based on particle swarm algorithm | |
| CN114741169B (en) | Multi-task scheduling method for heterogeneous password computing service of load aggregation public service platform | |
| Naik et al. | Multiobjective virtual machine selection for task scheduling in cloud computing | |
| Supreeth et al. | Comparative approach for VM scheduling using modified particle swarm optimization and genetic algorithm in cloud computing | |
| Kodli et al. | Hybrid Max-Min Genetic Algorithm for Load Balancing and Task Scheduling in Cloud Environment. | |
| Kertész et al. | A pliant-based virtual machine scheduling solution to improve the energy efficiency of iaas clouds | |
| CN111176784A (en) | Virtual machine integration method based on extreme learning machine and ant colony system | |
| Panneerselvam et al. | An approach to optimise resource provision with energy-awareness in datacentres by combating task heterogeneity | |
| CN108073442B (en) | Simulation request execution time prediction method based on depth fuzzy stack self-coding | |
| Kousalya et al. | Hybrid algorithm based on genetic algorithm and PSO for task scheduling in cloud computing environment | |
| Siar et al. | A combination of game theory and genetic algorithm for load balancing in distributed computer systems | |
| Paul et al. | Dynamic virtual machine placement in cloud computing | |
| CN116360939A (en) | Method, system, equipment and storage medium for multitasking scheduling based on trusted computing | |
| Shubair | Enhancement of task scheduling technique of big data cloud computing | |
| Senthilkumar et al. | Energy aware task scheduling using hybrid firefly-GA in big data | |
| Fang et al. | Multi-objective virtual machine placement for load balancing | |
| Zhang et al. | Scheduling strategy for computational-intensive data flow in generalized cluster environments | |
| Hao et al. | Research for energy optimized resource scheduling algorithm in cloud computing base on task endurance value | |
| Kessaci et al. | An energy-aware multi-start local search heuristic for scheduling VMs on the OpenNebula cloud distribution | |
| Sharma et al. | Load Balancing Optimization for Green Cloud Environment Using Effective Scheduling | |
| Barzegar et al. | Heuristic algorithms for task scheduling in Cloud Computing using Combined Particle Swarm Optimization and Bat Algorithms |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |