CN116132195B - Security transmission guaranteeing system and method for computing power network - Google Patents

Security transmission guaranteeing system and method for computing power network Download PDF

Info

Publication number
CN116132195B
CN116132195B CN202310348521.5A CN202310348521A CN116132195B CN 116132195 B CN116132195 B CN 116132195B CN 202310348521 A CN202310348521 A CN 202310348521A CN 116132195 B CN116132195 B CN 116132195B
Authority
CN
China
Prior art keywords
network
target service
module
power
computing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202310348521.5A
Other languages
Chinese (zh)
Other versions
CN116132195A (en
Inventor
唐岳峰
黄小敏
陈瑞腾
潘俊强
赖松辉
张用
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China ComService Construction Co Ltd
Original Assignee
China ComService Construction Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China ComService Construction Co Ltd filed Critical China ComService Construction Co Ltd
Priority to CN202310348521.5A priority Critical patent/CN116132195B/en
Publication of CN116132195A publication Critical patent/CN116132195A/en
Application granted granted Critical
Publication of CN116132195B publication Critical patent/CN116132195B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/146Markers for unambiguous identification of a particular session, e.g. session cookie or URL-encoding
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04SSYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a security transmission guarantee system of an computing power network and a method thereof, which belong to the technical field of wireless communication networks and comprise an edge computing power node operation module, a controller, network equipment and a terminal, wherein the edge computing power node operation module is used for encrypting and decrypting field data information and forming a computing power information set through data throughput and transmitting the computing power information set to the controller; the controller acquires an on-site calculation force information set, identifies the calculation force information set based on a target service, calculates network information corresponding to the target service, and schedules and transmits the network information to the network equipment; and transmitting the calculation information of the target service to the terminal through the network equipment. The on-site service data is encrypted and decrypted through the edge computing power node computing module, so that the safety transportation of a large number of data sets is facilitated, the computing of high-performance computing power resources can be realized, the guarantee of certainty and reliability is provided for a network, and the new service functions and performance requirements are met.

Description

Security transmission guaranteeing system and method for computing power network
Technical Field
The invention belongs to the technical field of wireless communication networks, and particularly relates to a system and a method for guaranteeing the safe transmission of a computing power network.
Background
The computing power network is a novel network architecture integrating computing power and network depth, and is a novel information infrastructure for distributing and flexibly scheduling computing resources, storage resources and network resources among a cloud computing side, an edge computing side and a terminal side according to service requirements.
The emerging industries of intelligent manufacturing, intelligent driving and the like not only need high-performance computing resources, but also need networks to provide higher certainty and higher reliability so as to ensure that the requirements of service functions and performances are met, however, for one service, a plurality of edge computing nodes (Multi access Edge Computing, MEC) capable of providing services for the computing networks generally exist in the computing networks, after an entry node of the computing network receives a service request, the computing nodes capable of selecting computing resources and network resources to comprehensively optimize to provide services for the service according to the service requirements, and because the computing resources and the network resources are dynamically changed, the optimal computing nodes can be changed in the life cycle of one service, and the end-to-end certainty transmission and the efficient computing scheduling task between the computing nodes can not be realized at present, so that the development of time-sensitive and computation-intensive services is seriously influenced.
Disclosure of Invention
The invention aims to provide a system and a method for guaranteeing the safe transmission of a power computing network, which are used for solving the problems in the background technology.
The aim of the invention can be achieved by the following technical scheme:
the utility model provides a power calculation network safety transmission guarantee system, includes edge power calculation node operation module, controller, network equipment and terminal, wherein:
the controller comprises an acquisition module for acquiring a field computing power information set, a determination module and a scheduling module for determining network information corresponding to a target service by marking computing power information of the target service based on the field computing power information set acquired by the acquisition module, wherein the scheduling module acquires a message of the network information corresponding to the target service and a fast sub-stream and a slow sub-stream corresponding to a scheduler of a current heterogeneous network, divides the message of the network information to be transmitted into a plurality of data packets, transmits the plurality of message data packets corresponding to each network by utilizing the fast sub-stream or the slow sub-stream, and returns a scheduling feedback data packet containing a network address of edge computing equipment, and the acquisition module and the determination module are connected through a UART interface;
the edge computing power node operation module is used for encrypting and decrypting field data information and forming a computing power information set through data throughput and transmitting the computing power information set to the controller; the controller acquires an on-site calculation force information set, identifies the calculation force information set based on a target service, calculates network information corresponding to the target service, and schedules and transmits the network information to the network equipment; and transmitting the calculation information of the target service to the terminal through the network equipment.
Further, the edge computing power node operation module comprises a field acquisition module, a low computing power safety encryption and decryption module, a high computing power safety encryption and decryption module and an edge computing power module;
the field acquisition module acquires data of each service on the field;
the low-computation-power safe encryption and decryption module is used for conducting hardware encryption and decryption processing in the module on the data acquired by the field acquisition module;
the high-computation-power safe encryption and decryption module is used for conducting hardware encryption and decryption processing in the module for the selected data;
the edge computing power module carries out data throughput, processes and computes intensive data through IP field data packets to form a field computing power information set.
Further, the edge computing power node operation module further comprises a routing module, and the routing module is used for uniformly coordinating the work of each module in the edge computing power node operation module.
Further, the terminal sends the unique identifier corresponding to the target service to the controller.
Further, the determining module comprises a first determining unit, a calculating unit and a second determining unit;
the first determining unit performs identification based on the target service, and determines all edge computing force nodes of the target service through the identification;
the second determining unit determines computing force information corresponding to the target service based on the computing force nodes of each edge of the target service;
the computing unit computes network information corresponding to the target service through computing power information corresponding to the target service.
Further, the edge computing power node operation module further comprises a switching module, and the edge computing power module is connected with the routing module through the switching module.
Further, the edge computing module is connected with the routing module through an interface.
The utility model provides a secure transmission guarantee method of a power computing network, which comprises the following steps:
generating a preset connection request, wherein the preset connection request carries identification information of a target service requested by a terminal;
acquiring communication data of field service;
after encrypting and decrypting the communication data of the field service, enabling the communication data throughput of the field service to form a calculation information set;
identifying the power calculation information set based on the target service type, and acquiring power calculation information corresponding to the target service type;
and converting the calculation information of the target service into network information, and then transmitting the network information of the target service to the terminal through scheduling.
Further, the scheduling the network information of the target service specifically includes the following steps:
the method comprises the steps of obtaining a message of current network information to be transmitted and a fast substream and a slow substream corresponding to a scheduler of a current heterogeneous network, and dividing the message of the network information to be transmitted into a plurality of data packets;
replacing source addresses of the data packets with network addresses of edge computing equipment to obtain target data packets;
sending the target data packet to a designated service scheduler, and returning a scheduling feedback data packet containing the network address of the edge computing equipment by the designated scheduler;
and receiving a returned scheduling feedback data packet containing the network address of the edge computing equipment, replacing the destination address of the scheduling feedback data packet with the network address of the terminal, and then sending the scheduling feedback data packet to the terminal.
Further, the obtaining the computing power information corresponding to the target service type specifically includes the following steps:
inputting the identification of the target service, and identifying the on-site calculation information set;
determining each edge computing node of the target service according to the identification of the target service;
determining computing power information corresponding to the target service based on the computing power nodes of each edge of the target service;
and calculating the network information corresponding to the target service through the computing power information corresponding to the target service.
The invention has the beneficial effects that:
according to the system and the method for guaranteeing the safe transmission of the power computing network, disclosed by the invention, the edge power computing node operation module is used for carrying out encryption and decryption operation on field service data, so that safe transportation on a large number of data sets is facilitated, operation on high-performance power computing resources can be realized, deterministic and reliable guarantee is provided for the network, new service functions and performance requirements are met, in addition, the service power information is converted into network information through the controller, the network information is divided into a plurality of data packets through the dispatcher, the end-to-end deterministic transmission among power computing nodes and efficient dispatching of calculation tasks are realized, and the development of time-sensitive and computation-intensive services is improved.
Drawings
FIG. 1 is a schematic diagram of the overall structure of a security transmission system for a computing network according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of a computing module of an edge computing node in a security transmission system of a computing network according to an embodiment of the present invention;
FIG. 3 is a schematic diagram of a controller in a security transmission system of an algorithm network according to an embodiment of the present invention;
fig. 4 is a flowchart illustrating steps of a method for securing transmission of a power network according to an embodiment of the present invention.
Detailed Description
The technical solutions of the embodiments of the present invention will be clearly and completely described below in conjunction with the embodiments of the present invention, and it is apparent that the described embodiments are only some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
The power computing network is a novel information infrastructure for distributing and flexibly scheduling computing resources, storage resources and network resources among cloud, network and edges according to service requirements, and the working principle of the power computing network is as follows: the cloud network fusion technology and novel network technologies such as SDN/NFV are utilized to deeply fuse the edge computing nodes, the cloud computing nodes and various network resources including wide area networks together, reduce the management and control complexity of the edge computing nodes, and cooperate with the computing and storage resources of the cloud computing nodes and the network resources of the wide area networks through a centralized control or distributed scheduling method to form a new generation of information infrastructure, so that an overall computing power service comprising computing, storage and connection is provided for clients, and flexible and schedulable on-demand service is provided according to service characteristics.
The computing power network has the following three characteristics:
firstly, focusing on a special scene, and completing calculation with lower cost and power consumption; secondly, the network provides agile connection and flexible adjustment capability for the demand and supply of calculation force; third, full utilization of resources should be performed. The cooperation between the cores in the processor, the cooperation seen by a plurality of servers in the data center, and the optional calculation force of the network edge. The computing force collaboration may allow computing force resources to be fully utilized.
The reduction of network delay requires multiple aspects of network architecture, technology upgrade, etc. Aiming at the current network delay problem, the method reduces the flow revolution among cross areas by means of optical cable connection among encryption hubs, construction of direct optical cables and the like, realizes flow local exchange, and reduces the delay, on the other hand, the industry is researching and testing future networks, and the current method of replacing a deterministic network scheme of a TCP protocol by communication protocols such as RDMA and the like greatly improves the network bandwidth utilization rate and the like, and reduces the transmission delay.
The technical key of the deterministic network is to realize deterministic delay, jitter, packet loss rate, bandwidth, reliability and the like. The deterministic time delay is mainly realized by mechanisms such as clock synchronization, frequency synchronization, scheduling shaping, resource reservation and the like; deterministic jitter and packet loss rate are realized through mechanisms such as priority division, jitter reduction, buffer absorption and the like; deterministic bandwidth is realized by technologies such as network slicing and edge computing; deterministic reliability is achieved through multiplexing, packet duplication and cancellation, redundant backup, etc. Deterministic network technologies currently mainly include flexible ethernet (FlexE), time Sensitive Network (TSN), deterministic network (DetNet), DIP (Deterministic IP) technologies, deterministic WiFi, and 5G deterministic networks, among others.
The deterministic network achieves the corresponding performance objective through various technologies. The FlexE inserts an intermediate layer between a physical layer and a link layer through an interface technology, so that decoupling of service rate and physical channel rate is realized, an intelligent end-to-end link is constructed, network slicing is realized, flexible allocation and guarantee of bandwidth resources are supported, and therefore deterministic bandwidth guarantee is provided; TSN and DetNet then divide and separate the data into "delay-sensitive flows" and "best effort flows" to ensure efficient time-sensitive data transmission; and deterministic Wifi and 5G deterministic networks realize deterministic bandwidth guarantee through network slicing, and end-to-end deterministic control is realized by means of low-delay technology, edge calculation and the like.
The perceived scheduling of the computational network involves computational power metrics, computational power identification, computational power perception, computational power modeling and computational power orchestration scheduling.
The utility model provides a power network safety transmission guarantee system, as shown in fig. 1 and 3, includes edge power node operation module, controller, network equipment and terminal, wherein:
the edge computing power node operation module is used for encrypting and decrypting field data information and forming a computing power information set through data throughput and transmitting the computing power information set to the controller; the controller acquires an on-site calculation force information set, identifies the calculation force information set based on a target service, calculates network information corresponding to the target service, and schedules and transmits the network information to the network equipment; transmitting the calculation information of the target service to a terminal through the network equipment;
in this embodiment of the present application, as shown in fig. 2, the low-computation-power secure encryption and decryption module in the edge computation node operation module performs encryption and decryption processing on hardware in the module of the data set collected on site, in the process of encrypting the hardware, the generation and storage of the key are performed inside the device, and protection measures such as self-destruction of the startup key and back-to-back input of the key component are adopted to prevent the leakage of the key, and meanwhile, the multi-layer cryptographic operation is performed in the encrypted hardware, so that the security of the key can be fundamentally ensured.
In the embodiment of the application, in the hardware encryption process, the encryption chip and the special electronic key are in one-to-one correspondence with the hard disk through the special encryption chip or the independent processing chip and the like, the encryption chip corresponds the encryption chip information, the special information and the hard disk information and performs encryption operation, and simultaneously writes the encryption chip information, the special information and the hard disk information into the main partition table of the hard disk, at the moment, the encryption chip, the special electronic key and the hard disk are bound together, and any one of the encryption chip, the special electronic key and the hard disk is not available. If the encrypted hard disk is separated from the corresponding encryption chip and the electronic key, the partition cannot be identified on the computer, and any data cannot be obtained. The hardware in the module is a PCB board which burns the singlechip program, and in the actual use process, the module comprises a USB flash disk supporting hardware encryption and a router supporting hardware.
The controller comprises an acquisition module for acquiring a field calculation force information set, a determination module for identifying calculation force information of a target service based on the field calculation force information set acquired by the acquisition module, and a scheduling module for calculating network information corresponding to the target service. The controller is connected with the terminal in advance, the terminal sends identification information carrying the requested target service in advance, the controller determines a target edge computing node for providing the target service for the terminal based on the identification information of the target service sent by the terminal, and returns establishment response information to the terminal, wherein the connection establishment response information carries the identification information of the target edge computing node, so that the requirement on the performance and capacity of network equipment is reduced while the viscosity requirement of the data flow of the service on the computing node is met, and the efficiency of data transmission is improved.
The scheduling module acquires a message of network information corresponding to a target service and a fast sub-stream and a slow sub-stream corresponding to a scheduler of a current heterogeneous network, divides the message of the network information to be transmitted into a plurality of data packets, transmits the plurality of message data packets corresponding to each network by using the fast sub-stream or the slow sub-stream, and returns a scheduling feedback data packet containing a network address of the edge computing device.
The acquisition module is connected with the determination module through a UART interface, and can directly communicate with the internal bus of the determination module through the UART interface connection, so that the direct data communication link and stable encryption and decryption performance are ensured.
The edge computing force node comprises a computing force sensing module, the computing force sensing module is used for collecting computing force information of the edge computing force node, the computing force sensing module comprises BGP (Border Gateway Protocol ) Speaker (instance), the BGP protocol is a dynamic routing protocol, the controller establishes BGP connection with the BGP Speaker in the edge computing force nodes MEC 1, MEC 2 and MEC3 respectively through the BGP protocol, and collects computing force information in the MEC 1, MEC 2 and MEC3, and the computing force information of the edge computing force node can be but is not limited to one or a combination of more of the following information: dynamic information such as CPU (Central Processing Unit ) occupancy rate, service processing delay, service connection number, etc.
The network device may be, but not limited to, a routing device, where the network device and the controller are connected through a network, where the network device may collect network information and report the network information to the controller, and each time the network information changes, the network device reports current network information to the controller, where the network information may be, but not limited to, port information, network bandwidth information, network delay information, and the like of the network device.
Further, in a preferred embodiment of the present application, as shown in fig. 2, the edge computing power node operation module includes a field acquisition module, a low computing power security encryption and decryption module, a high computing power security encryption and decryption module, and an edge computing power module;
the field acquisition module acquires data of each service on the field;
the low-computation-power safe encryption and decryption module is used for conducting hardware encryption and decryption processing in the module on the data acquired by the field acquisition module;
the high-computation-power safe encryption and decryption module is used for conducting hardware encryption and decryption processing in the module for the selected data;
the edge computing power module carries out data throughput, processes and computes intensive data through IP field data packets to form a field computing power information set.
The edge computing power module is provided with an independent processor, an operation memory, an external storage and an inference accelerator, and also provided with an independent operation processing system, and can be used as a man-machine interaction interface of a network management system to operate high-performance computing power resources only when a heavy operation task which cannot be processed rapidly by the routing module is used.
IP is to refer to a digital product (only including 3G band mobile NETWORK) as an independent entity, and has a unique code on the NETWORK; in a preferred embodiment of the present application, the edge computing power module interfaces with the routing module via a 1000BASE TX (or similar function) interface, ensuring high speed data throughput capability and high flexibility.
Further, in a preferred embodiment of the present application, as shown in fig. 2, the edge computing power node operation module further includes a routing module, where the routing module is configured to uniformly coordinate operations of each module in the edge computing power node operation module.
The routing module can directly communicate with other built-in equipment at high speed through the switching module, and also can directly communicate with equipment of the remote access switching module. Meanwhile, the remote devices accessed to the switching module can also be directly communicated through the switching module.
The switching module can support 1000BASE TX (or higher level) and 1000BASE FX (or higher level) interfaces and is compatible with the access of a low-speed interface, and provides multiple choices for flexibly configuring the compatibility of the local and remote devices of the gateway and the deployment distance of the remote devices.
The exchange module can support ring network protocol and port aggregation function, which lays foundation for flexible configuration of network equipment connection function and expansion of gateway performance. The ports of the switching module can support an electrical interface (TX) and an optical interface (FX) adapted to different connection devices, connection distances and field environments.
Further, in a preferred embodiment of the present application, the terminal sends the unique identifier corresponding to the target service to the controller.
In the embodiment of the application, the network information to be transmitted is divided into a plurality of data packets by acquiring the fast substream and the slow substream corresponding to the scheduler of the current heterogeneous network.
The fast substream typically always sends packets with smaller sequence numbers during this round of transmission, the slow substream sends packets with larger sequence numbers, when the first packet from the slow substream arrives at the receiving end, all packets with smaller sequence numbers from the fast substream should have arrived (a b), and the last packet b from the fast substream should arrive in succession with the first packet (b+1) of the slow substream. In the embodiment of the application, the data packets are distributed to different sub-streams, so that the receiving end can receive the data packets from small to large according to the number sequence of the data packets, high delay caused by waiting of the data packets in the buffer area of the receiving end is avoided, and the link bandwidth aggregation effect is guaranteed.
In this embodiment of the present application, if a packet with a smaller sequence number exists in the transmission process, the packet is transmitted through a fast sub-stream, if a packet with a larger sequence number exists in the transmission process, the packet is transmitted through a slow sub-stream, and if a packet with a smaller sequence number and a packet with a larger sequence number exists in the packet, the packet with a smaller sequence number is transmitted through a fast sub-stream, and the packet with a larger sequence number is transmitted through a slow sub-stream.
Further, in a preferred embodiment of the present application, the determining module includes a first determining unit, a calculating unit, and a second determining unit;
the first determining unit performs identification based on the target service, and determines all edge computing force nodes of the target service through the identification;
the second determining unit determines computing force information corresponding to the target service based on the computing force nodes of each edge of the target service;
the computing unit computes network information corresponding to the target service through computing power information corresponding to the target service.
In the embodiment of the application, the controller determines the identification of each edge computing node corresponding to the identification of the target service according to the corresponding relation between the identification of the pre-stored service and the identification of the edge computing node, and can determine the edge computing node corresponding to the computing service provided by the target service according to the identification of each edge computing node.
Further, in a preferred embodiment of the present application, as shown in fig. 2, the edge computing node operation module further includes a switching module, and the edge computing module is connected to the routing module through the switching module.
Further, in a preferred embodiment of the present application, the edge computing module is connected to the routing module through an interface.
In the foregoing power network security transmission guarantee system, as shown in fig. 4, the method comprises the following steps:
step S1, generating a preset connection request, wherein the preset connection request carries identification information of a target service requested by a terminal;
s2, acquiring communication data of field service;
s3, encrypting and decrypting the communication data of the field service, and enabling the communication data throughput of the field service to form an algorithm information set;
s4, marking the calculation information set based on the target service type, and obtaining calculation information corresponding to the target service type;
and S5, converting the calculation power information of the target service into network information, and then transmitting the network information of the target service to the terminal through scheduling.
Further, in a preferred embodiment of the present application, the scheduling the network information of the target service specifically includes the following steps:
step S401, a message of the current network information to be transmitted and a fast sub-stream and a slow sub-stream corresponding to a scheduler of the current heterogeneous network are obtained, and the message of the network information to be transmitted is divided into a plurality of data packets;
step S402, replacing source addresses of a plurality of data packets with network addresses of edge computing equipment to obtain target data packets;
step S403, the target data packet is sent to a designated service dispatcher, and the designated dispatcher returns a dispatching feedback data packet containing the network address of the edge computing device;
step S404, receiving a returned scheduling feedback data packet containing the network address of the edge computing device, replacing the destination address of the scheduling feedback data packet with the network address of the terminal, and then sending the scheduling feedback data packet to the terminal.
Further, in a preferred embodiment of the present application, the obtaining the computing power information corresponding to the target service type specifically includes the following steps:
step S501, inputting the identification of a target service, and identifying an on-site calculation information set;
step S502, determining each edge computing node of the target service according to the identification of the target service;
step S503, determining computing power information corresponding to the target service based on each edge computing power node of the target service;
step S504, calculating the network information corresponding to the target service through the computing power information corresponding to the target service.
It will be clear to those skilled in the art that, for convenience and brevity of description, specific working procedures of the above-described systems, apparatuses and units may refer to corresponding procedures in the foregoing method embodiments, which are not repeated herein.
In the several embodiments provided in this application, it should be understood that the disclosed systems, apparatuses, and methods may be implemented in other ways. For example, the apparatus embodiments described above are merely illustrative, e.g., the division of the units is merely a logical function division, and there may be additional divisions when actually implemented, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical or other form.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in each embodiment of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.
The integrated units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application may be embodied in essence or a part contributing to the prior art or all or part of the technical solution in the form of a software product stored in a storage medium, including several instructions to cause a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the methods described in the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a read-only memory (ROM), a random access memory (RAM, random access memory), a magnetic disk, or an optical disk, or other various media capable of storing program codes.

Claims (10)

1. The utility model provides a power calculation network safety transmission guarantee system which is characterized in that, include edge power calculation node operation module, controller, network equipment and terminal, wherein:
the controller comprises an acquisition module for acquiring a field computing power information set, a determination module and a scheduling module for determining network information corresponding to a target service by marking computing power information of the target service based on the field computing power information set acquired by the acquisition module, wherein the scheduling module acquires a message of the network information corresponding to the target service and a fast sub-stream and a slow sub-stream corresponding to a scheduler of a current heterogeneous network, divides the message of the network information to be transmitted into a plurality of data packets, transmits the plurality of message data packets corresponding to each network by utilizing the fast sub-stream or the slow sub-stream, and returns a scheduling feedback data packet containing a network address of edge computing equipment, and the acquisition module and the determination module are connected through a UART interface;
the edge computing power node operation module is used for encrypting and decrypting field data information and forming a computing power information set through data throughput and transmitting the computing power information set to the controller; the controller acquires an on-site calculation force information set, identifies the calculation force information set based on a target service, calculates network information corresponding to the target service, and schedules and transmits the network information to the network equipment; and transmitting the calculation information of the target service to the terminal through the network equipment.
2. The system of claim 1, wherein the edge computing power node operation module comprises a field acquisition module, a low computing power security encryption and decryption module, a high computing power security encryption and decryption module and an edge computing power module;
the field acquisition module acquires data of each service on the field;
the low-computation-power safe encryption and decryption module is used for conducting hardware encryption and decryption processing in the module on the data acquired by the field acquisition module;
the high-computation-power safe encryption and decryption module is used for conducting hardware encryption and decryption processing in the module for the selected data;
the edge computing power module carries out data throughput, processes and computes intensive data through IP field data packets to form a field computing power information set.
3. The system of claim 2, wherein the edge computing node operation module further comprises a routing module, and the routing module is configured to uniformly coordinate operations of each of the edge computing node operation modules.
4. The system according to claim 1, wherein the terminal sends a unique identifier corresponding to the target service to the controller.
5. The system of claim 4, wherein the determining module comprises a first determining unit, a calculating unit, and a second determining unit;
the first determining unit performs identification based on the target service, and determines all edge computing force nodes of the target service through the identification;
the second determining unit determines computing force information corresponding to the target service based on the computing force nodes of each edge of the target service;
the computing unit computes network information corresponding to the target service through computing power information corresponding to the target service.
6. A power network security transmission assurance system according to claim 3, characterized in that the edge power node operation module further comprises a switching module, through which the edge power module is connected with the routing module.
7. A power network security transmission assurance system according to claim 3, characterized in that the edge power module is connected to the routing module by an interface.
8. A method for guaranteeing the safe transmission of a power network, which is characterized by being applied to the safe transmission guaranteeing system of the power network according to any one of claims 1-7, and comprising the following steps:
generating a preset connection request, wherein the preset connection request carries identification information of a target service requested by a terminal;
acquiring communication data of field service;
after encrypting and decrypting the communication data of the field service, enabling the communication data throughput of the field service to form a calculation information set;
identifying the power calculation information set based on the target service type, and acquiring power calculation information corresponding to the target service type;
and converting the calculation information of the target service into network information, and then transmitting the network information of the target service to the terminal through scheduling.
9. The method for guaranteeing the safe transmission of the power network according to claim 8, wherein the scheduling the network information of the target service specifically comprises the following steps:
the method comprises the steps of obtaining a message of current network information to be transmitted and a fast substream and a slow substream corresponding to a scheduler of a current heterogeneous network, and dividing the message of the network information to be transmitted into a plurality of data packets;
replacing source addresses of the data packets with network addresses of edge computing equipment to obtain target data packets;
sending the target data packet to a designated service scheduler, and returning a scheduling feedback data packet containing the network address of the edge computing equipment by the designated scheduler;
and receiving a returned scheduling feedback data packet containing the network address of the edge computing equipment, replacing the destination address of the scheduling feedback data packet with the network address of the terminal, and then sending the scheduling feedback data packet to the terminal.
10. The method for guaranteeing the safe transmission of the power network according to claim 8, wherein the step of obtaining the power information corresponding to the target service type specifically comprises the following steps:
inputting the identification of the target service, and identifying the on-site calculation information set;
determining each edge computing node of the target service according to the identification of the target service;
determining computing power information corresponding to the target service based on the computing power nodes of each edge of the target service;
and calculating the network information corresponding to the target service through the computing power information corresponding to the target service.
CN202310348521.5A 2023-04-04 2023-04-04 Security transmission guaranteeing system and method for computing power network Active CN116132195B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310348521.5A CN116132195B (en) 2023-04-04 2023-04-04 Security transmission guaranteeing system and method for computing power network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310348521.5A CN116132195B (en) 2023-04-04 2023-04-04 Security transmission guaranteeing system and method for computing power network

Publications (2)

Publication Number Publication Date
CN116132195A CN116132195A (en) 2023-05-16
CN116132195B true CN116132195B (en) 2023-06-09

Family

ID=86301247

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310348521.5A Active CN116132195B (en) 2023-04-04 2023-04-04 Security transmission guaranteeing system and method for computing power network

Country Status (1)

Country Link
CN (1) CN116132195B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2022121349A1 (en) * 2020-12-07 2022-06-16 中兴通讯股份有限公司 Computing power application traffic forwarding method and apparatus
CN114756340A (en) * 2022-03-17 2022-07-15 中国联合网络通信集团有限公司 Computing power scheduling system, method, device and storage medium
WO2022222550A1 (en) * 2021-04-20 2022-10-27 中兴通讯股份有限公司 Notification method and apparatus for computing power resources, storage medium, and electronic apparatus
CN115361280A (en) * 2022-08-15 2022-11-18 中国联合网络通信集团有限公司 Calculation network calling method, device, equipment and storage medium
CN115665060A (en) * 2022-12-26 2023-01-31 中国华能集团清洁能源技术研究院有限公司 Multi-path transmission scheduling method and device for heterogeneous network

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2022121349A1 (en) * 2020-12-07 2022-06-16 中兴通讯股份有限公司 Computing power application traffic forwarding method and apparatus
WO2022222550A1 (en) * 2021-04-20 2022-10-27 中兴通讯股份有限公司 Notification method and apparatus for computing power resources, storage medium, and electronic apparatus
CN114756340A (en) * 2022-03-17 2022-07-15 中国联合网络通信集团有限公司 Computing power scheduling system, method, device and storage medium
CN115361280A (en) * 2022-08-15 2022-11-18 中国联合网络通信集团有限公司 Calculation network calling method, device, equipment and storage medium
CN115665060A (en) * 2022-12-26 2023-01-31 中国华能集团清洁能源技术研究院有限公司 Multi-path transmission scheduling method and device for heterogeneous network

Also Published As

Publication number Publication date
CN116132195A (en) 2023-05-16

Similar Documents

Publication Publication Date Title
EP3291601B1 (en) A resource allocation method of a wireless communication system and mechanism thereof
JP6841918B2 (en) Methods and devices for transmitting service flows based on flexible Ethernet, as well as communication systems
US9288162B2 (en) Adaptive infrastructure for distributed virtual switch
CN113596191B (en) Data processing method, network element equipment and readable storage medium
CN109842868B (en) Frame aggregation and network setting frame sending method and equipment
Striffler et al. Time-sensitive networking in 5th generation cellular networks-current state and open topics
US11558784B2 (en) Resource allocation method, apparatus, and system, and storage medium
CN113206717A (en) System and method for synchronized data transmission in an industrial network
JP2017529728A (en) Time synchronization method, device and time synchronization server for network device
CN114363182A (en) Deterministic network system and deterministic service transmission method
CN113810442B (en) Resource reservation method, device, terminal and node equipment
CN116132195B (en) Security transmission guaranteeing system and method for computing power network
CN116455817A (en) Software-defined cloud network fusion architecture and route implementation method
US20230291679A1 (en) Dynamic use of a packet recovery mechanism to avoid congestion along a network path
KR101404491B1 (en) System and Method for dynamic bandwidth setting of subnet based on OpenFlow network
EP4178295A1 (en) Service processing method and network device
CN113301149A (en) Trusted software defined network construction method based on block chain
Zhu et al. Integrated vone scheme over resource-virtualized elastic optical networks
Kim et al. Toward Enabling Performance-Guaranteed Networking in Next-Generation Cellular Networks
US11729216B1 (en) Messaging layer security (MLS) delivery service for real-time group confidentiality using hybrid information-centric networking (hICN)
CN117014636B (en) Data stream scheduling method of audio and video network, storage medium and electronic device
CN115189983B (en) TSN device for accessing AUTBUS network
Hanon et al. Review the deployment and role of broker in IoT platforms
CN112291042B (en) Service-based narrowband communication network data transparent transmission method and system thereof
Kumar et al. Synthesis of Cloud Technologies and Telco NFV Transformation–A Perspective

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant