| As the cyberspace continues to develop in the direction of user pluralism,service diversification,equipment complexity,and access heterogeneity,traditional network systems and mechanisms are difficult to deal with the current and future treacherous security threats.On the one hand,the traditional network architecture has problems such as fuzzy network boundary,loose component collaboration relationship and weak endogenous defense mechanism,which are difficult to meet the emerging new business needs.On the other hand,the traditional information encryption,firewalls,intrusion protection and other technical means have a certain degree of passivity and hysteresis,making the cyberspace in a state of "easy to attack but difficult to defend" for a long time.In recent years,new network architectures such as Software-Defined Network(SDN),Information-Centric Networking(ICN)and Smart Identifier NETwork(SINET)have been proposed,making it possible for the network of the native to support flexibility,extendibility and security.Therefore,based on the design concept of SINET,this dissertation conducts related research from four scenarios of access,routing,adaptation,and scheduling to provide support for the establishment of a more complete trusted edge,which architectured in view of the key issues in trusted edge management and control.The main work and innovation are as follows:1.The dissertation summarizes and sorts out the design ideas and service mechanism of SINET,and further analyzes the credibility of the network edge.First of all,the dissertation studies the development route and system model of SINET,and introduces in detail the "three-tier,two-domain" structure and working mechanism of SINET.This article summarizes the service mechanism of SINET from three aspects:identity mapping,collaborative adaptation,and differentiated services.Secondly,the dissertation focuses on the credibility of edge access,edge transmission,edge adaptation,and edge scheduling.Finally,the dissertation explains the challenges and threats faced by the edge,and demonstrates the importance of security,reliability,controllability,and manageability at the edge of the network,which provides the theoretical basis and objectives for the research on trusted edge administration of SINET in the subsequent sections.2.For the security edge access problem of SINET,the dissertation proposes a highly secure,multi-dimensional access control scheme,which realizes the characteristics of resisting illegal attacks and fine-grained control based on user identification.First of all,the dissertation conducts a comprehensive comparative analysis of the existing edge access security management and control technologies,and introduces the model structure and implementation process of the solution in detail.By integrating the analysis and mapping mechanism of SINET to achieve dynamic isolation between networks,the dissertation further optimizes the implementability of the scheme.Secondly,the dissertation analyzes the performance of the solution from three aspects:access control,user concurrency,and authentication delay.By building a prototype system platform,the dissertation verifies the rationality of the theoretical inference.The results show that the proposed scheme can effectively realize unified access control management for terminal users.Compared with the authentication framework based on the traditional network architecture,this solution can effectively reduce the access authentication delay while supporting a higher number of concurrencies.3.For the reliable edge transmission problem of SINET,the dissertation proposes a routing control protocol and node inspection mechanism based on geographic awareness monitoring.By integrating directed diffusion routing,greedy boundary stateless routing and node inspection mechanisms,which ensures the reliability of data exchange.First of all,the dissertation lists the shortcomings of current routing algorithms based on geographic energy perception,and constructs an efficient inspecting mechanism for abnormal node behavior.In order to complete the safe and orderly interaction of data packets,the mechanism merges the two to form a smart collaborative geographic sensing monitoring routing control protocol.Secondly,the dissertation proposes an improved adaptive energy transfer algorithm to optimize the energy consumption of edge routing,and reduce the cost of data transmission while ensuring routing security.Finally,the simulation experiment results verify the performance improvement between the proposed protocol and the three traditional schemes in terms of transmission delay,packet loss rate,throughput,etc.,and prove the superiority of the energy-saving algorithm in terms of energy consumption.4.For the controllable edge adaptation problem of SINET,the dissertation proposes a reliable and demand-driven bandwidth adaptation strategy.The software-defined technology dynamically adjusts network function modules to enhance bandwidth utilization.This method guarantees the legitimacy of users and the validity of data.Firstly,the dissertation establishes a multi-user bandwidth allocation model based on probability distribution.Secondly,in view of the resource occupation problem caused by the out-of-order queue data,the dissertation elaborates the on-demand reliable bandwidth adaptation strategy and the design details of the sending and receiving queue control mechanism,and further proposes a smart-driven edge transceiver queue control mechanism.Finally,by building a prototype system with multiple domains and multiple user groups,the dissertation verifies the effectiveness of the proposed scheme.Compared with existing SDN and traditional networks,the experimental results prove that the strategy proposed in the dissertation has advantages in bandwidth usage and intrusion prevention.What needs special attention is that the queue control mechanism effectively improves the transmission capacity and buffer utilization.5.For the manageable edge scheduling problem of SINET,the dissertation proposes an identifier-driven resource orchestration scheme.In the dissertation,the complex optimization problem is decoupled into two sub-problems:computational offloading and resource allocation.Taking the edge cache of a specific scene as an example,the dissertation further proposes a dynamic resource scheduling mechanism.First of all,in order to illustrate the matching relationship between access attributes and spatial resources,the dissertation establishes an identification space mapping model.By constructing a mixed-integer nonlinear programming problem,the dissertation realizes a highly reliable and low-cost optimal edge resource allocation strategy.Secondly,the dissertation formulates the workflow of the scheme in detail,analyzes the core problems of edge collaborative caching,and introduces the design ideas of the collaborative caching mechanism.Finally,the theoretical analysis part of reliable offloading and cooperative caching is verified through simulation experiments.The results show that the scheme proposed in the dissertation can effectively guarantee the reliability of the edge while reducing time delay and energy consumption. |
PDF Full Text Request