云制造系统用户认证和服务间协同高效可信安全技术

doi:10.12305/j.issn.1001-506X.2022.12.15

系统工程与电子技术 ›› 2022, Vol. 44 ›› Issue (12): 3710-3718.doi: 10.12305/j.issn.1001-506X.2022.12.15

云制造系统用户认证和服务间协同高效可信安全技术

赵龙波^1,^2,*, 李伯虎^1,³, 施国强^3,⁴

1. 北京航空航天大学自动化科学与电气工程学院, 北京 100191
2. 中国航天科工集团有限公司, 北京 100048
3. 北京仿真中心, 北京 100854
4. 北京电子工程总体研究所复杂产品智能制造系统技术国家重点实验室, 北京 100854

收稿日期:2022-05-19 出版日期:2022-11-14 发布日期:2022-11-24
通讯作者: 赵龙波
作者简介:赵龙波(1983—), 男, 研究员, 博士研究生, 主要研究方向为云制造系统、网络安全|李伯虎(1938—), 男, 中国工程院院士, 主要研究方向为系统仿真、制造业信息化、云制造系统|施国强(1979—), 男, 研究员, 博士, 主要研究方向为系统建模与仿真、虚拟样机工程

Efficient trusted security technology of user authentication and service collaboration in cloud manufacturing system

Longbo ZHAO^1,^2,*, Bohu LI^1,³, Guoqiang SHI^3,⁴

1. School of Automation Science and Electrical Engineering, Beihang University, Beijing 100191, China
2. China Aerospace Science and Industry Corporation Limited, Beijing 100048, China
3. Beijing Simulation Center, Beijing 100854, China
4. State Key Laboratory of Intelligence Manufacturing System Technology, Beijing Institute of Electronic System Engineering, Beijing 100854, China

Received:2022-05-19 Online:2022-11-14 Published:2022-11-24
Contact: Longbo ZHAO

摘要/Abstract

摘要：

针对云制造系统不同安全域之间信任关系孤立导致的用户跨域访问重复进行身份认证和云服务跨域协同被拒绝的问题, 设计了一种面向云制造系统的域间互信过程模型, 提出了基于域间互信的用户认证和服务跨域协同高效可信安全优化技术, 实现了用户可信身份跨域传递和云制造服务跨域协同, 并在企业进行了应用验证, 给出了所提方法与传统方式的对比分析。分析结果表明, 提出的高效可信安全技术能够在提升云制造系统认证和服务跨域协同效率的同时不降低现有安全机制的防护强度。

关键词: 云制造系统, 安全技术, 域间互信, 用户认证, 服务跨域协同

Abstract:

Aiming at the problem that the isolation of trust relationship between different security domains of cloud manufacturing system leads to the repeated identity authentication of users' cross domain access and the rejection of cloud service cross domain collaboration, an inter domain mutual trust process model for cloud manufacturing system is designed. An efficient trusted security optimization technology of user authentication and service cross domain collaboration based on inter domain mutual trust is proposed, which realizes the cross domain transmission of users'trusted identity and cloud manufacturing service cross domain collaboration. The application is verified in some enterprises, and a comparative analysis with the traditional method is given. The analysis results show that the efficient and trusted security technology proposed can improve the efficiency of cloud manufacturing system authentication and service cross domain collaboration without reducing the protection intensity of the existing security mechanism.

Key words: cloud manufacturing system, security technology, inter domain mutual trust, user authentication, service cross domain collaboration

中图分类号:

TP309.2

赵龙波, 李伯虎, 施国强. 云制造系统用户认证和服务间协同高效可信安全技术[J]. 系统工程与电子技术, 2022, 44(12): 3710-3718.

Longbo ZHAO, Bohu LI, Guoqiang SHI. Efficient trusted security technology of user authentication and service collaboration in cloud manufacturing system[J]. Systems Engineering and Electronics, 2022, 44(12): 3710-3718.

图/表 12

图1

图2

图3

图4

图5

图6

图7

图8

图9

图10

图11

表1

参考文献 30

1	李伯虎, 张霖, 王时龙, 等. 云制造——面向服务的网络化制造新模式[J]. 计算机集成制造系统, 2010, 16 (1): 1- 7. doi: 10.13196/j.cims.2010.01.3.libh.004
	LI B H , ZHANG L , WANG S L , et al. Cloud manufacturing: a new service-oriented networked manufacturing model[J]. Computer Integrated Manufacturing Systems, 2010, 16 (1): 1- 7. doi: 10.13196/j.cims.2010.01.3.libh.004
2	李伯虎, 柴旭东, 侯宝存, 等. 云制造系统3.0——一种"智能+"时代的新智能制造系统[J]. 计算机集成制造系统, 2019, 25 (12): 2997- 3012.
	LI B H , CHAI X D , HOU B C , et al. Cloud manufacturing system33.0—a new intelligent manufacturing system in the era of "intelligence+"[J]. Computer Integrated Manufacturing Systems, 2019, 25 (12): 2997- 3012.
3	YAO J , XING B , ZENG J , et al. Survey on cloud manufacturing service composition[J]. Computer Science, 2021, 48 (7): 245- 255.
4	WU D Z , GREER M J , ROSEN D W , et al. Cloud manufacturing: strategic vision and state of the art[J]. Journal of Manufacturing Systems, 2013, 32 (4): 564- 579. doi: 10.1016/j.jmsy.2013.04.008
5	YANG Y, ZHAO C G, GAO T L. Cloud computing: security issues overview and solving techniques investigation[C]//Proc. of the International Conference on Intelligent Cloud Computing, 2015: 152-167.
6	鲁金钿, 肖睿智, 金舒原. 云计算环境下信任机制综述[J]. 小型微型计算机系统, 2016, 37 (1): 1- 11. doi: 10.3969/j.issn.1000-1220.2016.01.001
	LU J D , XIAO R Z , JIN S Y . Survey on trust mechanisms in the environment of cloud computing[J]. Journal of Chinese Computer Systems, 2016, 37 (1): 1- 11. doi: 10.3969/j.issn.1000-1220.2016.01.001
7	白洁, 方水良, 彭皓珂, 等. 云制造服务规范化标准服务清单建模方法[J]. 计算机集成制造系统, 2017, 23 (10): 2279- 2290. doi: 10.13196/j.cims.2017.10.022
	BAI J , FANG S L , PENG H K , et al. Boss modeling method for cloud manufacturing services normalization[J]. Computer Integrated Manufacturing Systems, 2017, 23 (10): 2279- 2290. doi: 10.13196/j.cims.2017.10.022
8	CHEN T , WANG Y C . Estimating simulation workload in cloud manufacturing using a classifying artificial neural network ensemble approach[J]. Robotics and Computer Integrated Manufacturing, 2016, 61 (8): 42- 51.
9	ZHANG W Y , ZHANG S , CAI M , et al. An agent-based peer-to-peer architecture for semantic discovery of manufacturing services across virtual enterprises[J]. Enterprise Information Systems, 2015, 9 (3): 233- 256. doi: 10.1080/17517575.2012.747002
10	TAO F , ZHAO D M , HU Y F , et al. Correlation-aware resource service composition and optimal-selection in manufacturing grid[J]. European Journal of Operational Research, 2010, 201 (1): 129- 143. doi: 10.1016/j.ejor.2009.02.025
11	HUANG B Q , LI C H , TAO F . A chaos control optimal algorithm for QoS-based service composition selection in cloud ma-nufacturing system[J]. Enterprise Information Systems, 2014, 8 (4): 445- 463. doi: 10.1080/17517575.2013.792396
12	XIANG F , HU Y F , YU Y R , et al. QoS and energy consumption aware service composition and optimal-selection based on Pareto group leader algorithm in cloud manufacturing system[J]. Central European Journal of Operations Research, 2014, 22 (4): 663- 685. doi: 10.1007/s10100-013-0293-8
13	TAO F , LAILI Y J , XU L D , et al. FC-PACO-RM: a parallel method for service composition optimal selection in cloud manufacturing system[J]. IEEE Trans.on Industrial Informatics, 2013, 9 (4): 2023- 2033. doi: 10.1109/TII.2012.2232936
14	SIMEONE A , DENG B , CAGGIANO A . Resource efficiency enhancement in sheet metal cutting industrial networks through cloud manufacturing[J]. The International Journal of Advanced Manufacturing Technology, 2020, 107, 1345- 1365. doi: 10.1007/s00170-020-05083-6
15	黄爽, 黄必清. 云制造平台安全体系架构[J]. 计算机集成制造系统, 2018, 24 (4): 851- 861. doi: 10.13196/j.cims.2018.04.005
	HUANG S , HUANG B Q . Security architecture for cloud manufacturing platform[J]. Computer Integrated Manufacturing Systems, 2018, 24 (4): 851- 861. doi: 10.13196/j.cims.2018.04.005
16	ZHANG H B, WANG J S, CHANG J. A multi-level security access control framework for cross-domain networks[C]//Proc. of the IEEE International Conference on Computational Science and Engineering and IEEE International Conference on Embedded and Ubiquitous Computing, 2017.
17	ALI V B , ZHI L , WANG W M , et al. Block chain-based ubi-quitous manufacturing: a secure and reliable cyber-physical system[J]. International Journal of Production Research, 2020, 58 (7): 2200- 2221. doi: 10.1080/00207543.2019.1680899
18	EHSAN A , OMID F V . A novel cloud manufacturing service composition platform enabled by block chain technology[J]. International Journal of Production Research, 2020, 58 (17): 1907- 1919.
19	SU Y , JIANG H , LIU Z Q . A study on environment-friendly machining of titanium alloy via composite electrostatic spraying[J]. The International Journal of Advanced Manufacturing Technology, 2020, 110 (5): 1305- 1317.
20	YANG Y F , YANG B , WANG S L , et al. An enhanced multi-objective grey wolf optimizer for service composition in cloud manufacturing[J]. Applied Soft Computing, 2020, 87, 106003. doi: 10.1016/j.asoc.2019.106003
21	DING S H , HAN J L , MENG X J , et al. Multi-granularity modeling and aggregation of design resources in cloud manufacturing[J]. IEEE Access, 2020, 8, 130797- 130819. doi: 10.1109/ACCESS.2020.3009678
22	HUANG B Q , LI C H , YIN C , et al. Cloud manufacturing service platform for small and medium sized enterprises[J]. The International Journal of Advanced Manufacturing Technology, 2012, 65 (9): 1261- 1272.
23	易树平, 刘觅, 温沛涵. 基于全生命周期的云制造服务研究综述[J]. 计算机集成制造系统, 2016, 22 (4): 871- 883. doi: 10.13196/j.cims.2016.04.001
	YI S P , LIU M , WEN P H . Overview of cloud manufacturing service based on lifecycle theory[J]. Computer Integrated Manufacturing Systems, 2016, 22 (4): 871- 883. doi: 10.13196/j.cims.2016.04.001
24	MOURAD M H , NASSEHI A , SCHAEFER D , et al. Assessment of interoperability in cloud manufacturing[J]. Robotics and Computer Integrated Manufacturing, 2020, 65 (3): 101832.
25	LIANG H G , WEN X Q , LIU Y K , et al. Logistics-involved QoS-aware service composition in cloud manufacturing with deep reinforcement learning[J]. Robotics and Computer Integrated Manufacturing, 2021, 66 (3): 101991.
26	LI X B , FANG Z W , YIN C . A machine tool matching method in cloud manufacturing using Markov decision process and cross-entropy[J]. Robotics and Computer Integrated Manufacturing, 2020, 65 (1): 101968- 101979.
27	ZHANG P Y , KONG Y , ZHOU M C . A domain partition-based trust model for unreliable clouds[J]. IEEE Trans.on Information Forensics and Security, 2018, 13 (9): 2167- 2178.
28	AHMED A , ZAKARIAE T . IaaS cloud model security issues on behalf cloud provider and user security behaviors[J]. Procedia Computer Science, 2018, 134 (6): 328- 333.
29	SHIM K A . A new certificateless signature scheme provably secure in the standard model[J]. IEEE Systems Journal, 2018, 99 (4): 1421- 1430.
30	SUDHARANI K , SAKTHIVEL P N K . A secure encryption scheme based on certificateless proxy signature[J]. Advances in Big Data and Cloud Computing, 2018, 645 (4): 277- 285.

评价指标		传统方式	优化技术
域间协商	语义描述	无	有
域间协商	域间互信	不信任	基于PKI体系互信
用户认证	认证次数	N次	仅1次
	认证耗时/s	6.9	0.8
	用户体验	差	好(跨域透明)
云服务协同	域内协同	允许	允许
	跨域协同	阻断	允许
	协商时间	无法协商	0.3 s

云制造系统用户认证和服务间协同高效可信安全技术

Efficient trusted security technology of user authentication and service collaboration in cloud manufacturing system

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 12

参考文献 30

相关文章 1

编辑推荐

Metrics

本文评价