Node management method and device based on credibility measurement, equipment and storage medium
By implementing multi-dimensional trust measurement and group management of 5G IoT nodes, the adaptability problem of existing remote proof schemes in 5G IoT is solved, realizing low-energy and low-latency trusted remote proof, which meets the needs of resource-constrained nodes.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- BEIJING UNIV OF TECH
- Filing Date
- 2022-11-28
- Publication Date
- 2026-07-03
Smart Images

Figure CN116437338B_ABST
Abstract
Description
Technical Field
[0001] This invention relates to the field of remote authentication technology, and in particular to a node management method, apparatus, device, and storage medium based on trust metrics. Background Technology
[0002] Remote authentication is a key issue in the Internet of Things (IoT) field. Originating from the architectural standards of the Trusted Computing Organization, remote authentication technology securely verifies the trustworthiness of terminals and their operating environments, ensuring the system operates in a secure and reliable state. Current remote authentication schemes mainly include binary-based remote authentication, attribute-based remote authentication, and behavior- and semantic-based remote authentication. Current trust measurement models primarily address existing security threats and specific application scenarios, lacking an organic integration of node operating environment and self-state measurement. Secondly, existing remote authentication models are mainly designed based on a specific type of application and cannot adapt to the dynamic networking of a large number of heterogeneous nodes in 5G IoT. Furthermore, existing remote authentication models consume too much energy, making them unsuitable for resource-constrained sensing layer nodes, and existing real-time measurement schemes have a significant impact on latency, failing to meet the requirements of low-latency services. Summary of the Invention
[0003] This invention provides a node management method, apparatus, device, and storage medium based on trust metrics to solve the technical problem that existing remote authentication schemes cannot meet the requirements of 5G Internet of Things services.
[0004] This invention provides a node management method based on trust metrics, comprising:
[0005] Determine the target description vector of the sensing node to be managed;
[0006] The target credibility metric of the sensing node to be managed is determined based on the target description vector.
[0007] Based on the target trust metric, the sensing nodes to be managed are subjected to trust group management to obtain the group management results.
[0008] According to a node management method based on trust metrics provided by the present invention, determining the target description vector of the sensing node to be managed includes:
[0009] Obtain the identity information, hardware and software information, and behavioral information of the sensing nodes to be managed;
[0010] The identity description vector is determined based on the identity information;
[0011] The inherent attribute description vector is determined based on the aforementioned hardware and software information;
[0012] The behavioral attribute description vector is determined based on the behavioral information.
[0013] According to a node management method based on trust metrics provided by the present invention, determining the target trust metrics of the sensing node to be managed based on the target description vector includes:
[0014] The identity recognition trust metric of the sensing node to be managed is determined based on the identity identification description vector, the identity key of the sensing node to be managed, and the total duration of the network service phase corresponding to the sensing node to be managed.
[0015] Based on the inherent attribute description vector and the key software and hardware information corresponding to the sensing node to be managed, determine the software and hardware trust metric of the sensing node to be managed.
[0016] Determine the first weight corresponding to the identity trust metric and the second weight corresponding to the software and hardware trust metric;
[0017] Based on the identity trust metric, the first weight, the software and hardware trust metric, and the second weight, the static trust metric of the sensing node to be managed is determined.
[0018] According to a node management method based on trust metrics provided by the present invention, the step of determining the target trust metrics of the sensing node to be managed based on the target description vector further includes:
[0019] The task state credibility metric and network state credibility metric of the sensing node to be managed are determined based on the behavioral attribute description vector.
[0020] Determine the third weight corresponding to the task state credibility metric and the fourth weight corresponding to the network state credibility metric;
[0021] The dynamic trust metric of the sensing node to be managed is determined based on the task status trust metric, the third weight, the network status trust metric, and the fourth weight.
[0022] According to a node management method based on trust metrics provided by the present invention, the step of determining the target trust metrics of the sensing node to be managed based on the target description vector includes:
[0023] Obtain the energy-related information and interaction-related information of the sensing node to be managed;
[0024] The energy reliability metric of the sensing node to be managed is determined based on the energy-related information.
[0025] Based on the interaction-related information, the preset service similarity function, and the preset decay function, the recommended reliability metric for the sensing node to be managed is determined.
[0026] According to a node management method based on a trust metric provided by the present invention, the step of performing trust group management on the sensing nodes to be managed according to the target trust metric to obtain the group management result includes:
[0027] Based on the target trust metric and the recommended trust metric, determine the comprehensive trust metric of the sensing node to be managed;
[0028] The trust distinguishability of the sensing node to be managed is determined based on the preset service similarity function, the comprehensive trust metric, and the energy trust metric.
[0029] The sensing nodes to be managed that have a trust distinguishability greater than a preset threshold are added to a trust group to obtain the group management result.
[0030] According to a node management method based on a trust metric provided by the present invention, the step of performing trust group management on the sensing nodes to be managed according to the target trust metric, and obtaining the group management result, includes:
[0031] Based on the trust distinguishability of each sensing node to be managed in the trusted group, the trust expectation value of each trusted group is determined.
[0032] Based on the trust expectation value and the preset expectation value, each trust group is classified into different levels to obtain the classification management result.
[0033] The present invention also provides a node management device based on trust metrics, comprising:
[0034] The target description vector determination module is used to determine the target description vector of the sensing node to be managed;
[0035] The target credibility measurement determination module is used to determine the target credibility measurement of the sensing node to be managed based on the target description vector.
[0036] The group management module is used to perform trusted group management on the sensing nodes to be managed according to the target trust metric, and obtain the group management result.
[0037] The present invention also provides an electronic device, including a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor executes the program to implement the node management method based on trust metrics as described above.
[0038] The present invention also provides a non-transitory computer-readable storage medium having a computer program stored thereon, which, when executed by a processor, implements the node management method based on trust metrics as described above.
[0039] The present invention provides a node management method, apparatus, device, and storage medium based on trust metrics. By acquiring various information of the sensing nodes to be managed, the target description vector of the sensing nodes to be managed is determined. Then, the target trust metrics of the sensing nodes to be managed are determined based on the target trust metrics of the sensing nodes to be managed. Finally, the sensing nodes to be managed are managed in a trust group according to the target trust metrics to obtain the group management results. By modeling 5G IoT sensing nodes and combining multi-dimensional attribute metrics and trust hierarchical grouping strategies, a set of trust remote proof schemes adapted to 5G IoT is obtained. Attached Figure Description
[0040] To more clearly illustrate the technical solutions in this invention or the prior art, the drawings used in the description of the embodiments or the prior art will be briefly introduced below. Obviously, the drawings described below are some embodiments of this invention. For those skilled in the art, other drawings can be obtained from these drawings without creative effort.
[0041] Figure 1 This is one of the flowcharts of the node management method based on trust metrics provided by the present invention;
[0042] Figure 2 This is the second flowchart of the node management method based on trust metrics provided by this invention;
[0043] Figure 3 This is an overall framework diagram of the node management method based on trust metrics provided by this invention;
[0044] Figure 4 This is a schematic diagram of the node management device based on trust metrics provided by the present invention;
[0045] Figure 5 This is a schematic diagram of the structure of the electronic device provided by the present invention. Detailed Implementation
[0046] To make the objectives, technical solutions, and advantages of this invention clearer, the technical solutions of this invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some, not all, of the embodiments of this invention. All other embodiments obtained by those skilled in the art based on the embodiments of this invention without creative effort are within the scope of protection of this invention.
[0047] The following is combined Figures 1-3 This invention describes a node management method based on trust metrics.
[0048] Please refer to Figure 1, the present invention provides a node management method based on trusted measurement, including:
[0049] Step 100, determine the target description vector of the to-be-managed sensing node;
[0050] Specifically, the node management method based on trusted measurement provided in this embodiment focuses on the trust management of nodes. In the 5G Internet of Things, let the set of all nodes in a region be (P1, P2,..., P κ , task , k , in , st , id ,
[0053] ,
[0054] , st , θ , θ , net , dyn , id , , in , , ), and combine the service scenario to use the nodes with higher computing resources, network resources, and energy in the node set as management nodes, obtaining the management node set (P θ1 , P θ2 , …, P θm ), where m < n. The sensing node (i.e., the to-be-managed sensing node in this embodiment, which can be represented by the node device hereinafter) needs to prove its security to the management nodes in the region. The node device can be described from three aspects: identity identifier, inherent attributes, and behavioral attributes. The target description vector in this embodiment includes an identity identifier description vector, an inherent attribute description vector, and a behavioral attribute description vector, corresponding to the three aspects of identity identifier, inherent attributes, and behavioral attributes respectively.
[0051] Step 200, determine the target trusted measurement of the to-be-managed sensing node based on the target description vector;
[0052] Specifically, the target trusted measurement in this embodiment includes static trusted measurement and dynamic trusted measurement. According to the identity identifier description vector of the node device, determine the identity identifier trusted measurement of the management node p θ for the device node p k ; according to the inherent attribute description vector of the node device, determine the software and hardware trusted measurement of the management node p θ for the device node p κ . Furthermore, calculate the static trusted measurement of the node device according to the identity identifier trusted measurement and the software and hardware trusted measurement, as shown in Formula 1, where M st is the static trusted measurement, α1 and α2 are weight parameters, M id is the identity identifier trusted measurement, and M in is the software and hardware trusted measurement. <00θ For device node p κ The task state trust metric and network state trust metric are used to calculate the dynamic trust metric of the node device, as shown in Formula 2, where M... dy For dynamic credibility measurement, β1 and β2 are weight parameters, M task M is a reliable measure of task status. net This is a reliable measure of network state.
[0055] Step 300: Perform trusted group management on the sensing nodes to be managed according to the target trusted metric to obtain the group management result.
[0056] Specifically, in addition to the target trust metric, the node management method based on trust metrics provided in this embodiment can also obtain the recommended trust metric of the node device. Then, based on the target trust metric and the recommended trust metric, the comprehensive trust metric of the node device is determined. Finally, the weight of each trust metric value is calculated using the information entropy formula to obtain the comprehensive trust metric of the management node relative to the target node, as shown in Formula 3, where γ... st γ dyn and γ re M is the weight parameter. re To recommend a reliable metric.
[0057] M total =γ st M st +γ dyn M dyn +γ re M re Formula 3 The system acquires energy-related information of node devices, determines the energy trust metric of node devices based on the energy-related information, and determines the trust distinguishability of node devices based on the preset service similarity function, comprehensive trust metric, and energy trust metric. Node devices with trust distinguishability greater than a preset threshold are added to the trust group to obtain the final group management result.
[0058] This embodiment obtains various information about the sensing nodes to be managed, determines the target description vector of the sensing nodes to be managed, then determines the target trust measure of the sensing nodes to be managed based on the target trust measure of the sensing nodes to be managed, and finally performs trust group management on the sensing nodes to be managed according to the target trust measure to obtain the group management result. By modeling 5G IoT sensing nodes and combining multi-dimensional attribute measures and trust hierarchical grouping strategies, a set of trust remote proof schemes adapted to 5G IoT is obtained.
[0059] In one embodiment, the node management method based on trust metrics provided in this application may further include:
[0060] Step 110: Obtain the identity information, hardware and software information, and behavior information of the sensing nodes to be managed;
[0061] Step 120: Determine the identity identifier description vector based on the identity information;
[0062] Step 130: Determine the inherent attribute description vector based on the hardware and software information;
[0063] Step 140: Determine the behavior attribute description vector based on the behavior information.
[0064] Node devices typically possess an identity key (pk), initial network access time (lt), and key information identifying the node device's manufacturing and deployment, such as: affiliated organization, manufacturer, serial number, application category, and functional description. The identity description vector (ID) can be denoted as: ID = (pk, lt, af1, af2, ..., af...). n This vector serves as a unique identifier for a node device, uniquely identifying its identity, location, application, and function within the network. Here, pk is the node device's identity key, lt is the identity key update interval, and af1, af2, ..., af... n This provides the identity information for each node device.
[0065] The hardware and software attributes of a node device are described using an inherent attribute description vector. A node device typically has key hardware information H(1), key software information H(2), network slice information H(3), and application information {ha}. i The intrinsic attribute description vector (IA) can be written as: IA = (H(i), ha(j)).
[0066] The behavioral attribute description vector describes the task request and execution status of the node device, the network transmission status of the node device, and the status of the data link where the node device is located. It is usually composed of a sequence of task request information {tr i}, Task processing information sequence {tp i}, Task processing efficiency evaluation Te, Theoretical list of data information to be sent {td i}, the actual list of messages sent {sd i}, Network bandwidth allocation information {tb i The data transmission response evaluation De consists of the behavioral attribute description vector (BA), which can be denoted as: BA = (tr, tp, td, sd, tb, Te, De).
[0067] This embodiment describes the node device from three aspects: identity information, hardware and software information, and behavioral information. This can effectively describe the internal and external information of the node device and thus measure the trust status of the node device.
[0068] In one embodiment, the node management method based on trust metrics provided in this application may further include:
[0069] Step 201: Determine the identity trust metric of the sensing node to be managed based on the identity description vector, the identity key of the sensing node to be managed, and the total duration of the network service phase corresponding to the sensing node to be managed.
[0070] Step 202: Determine the software and hardware trustworthiness measure of the sensing node to be managed based on the inherent attribute description vector and the key software and hardware information corresponding to the sensing node to be managed.
[0071] Step 203: Determine the first weight corresponding to the identity trust measurement and the second weight corresponding to the software and hardware trust measurement;
[0072] Step 204: Determine the static trust metric of the sensing node to be managed based on the identity trust metric, the first weight, the software and hardware trust metric, and the second weight.
[0073] Specifically, static trust metrics evaluate both the identity trust metric and the hardware / software trust metric of node devices. In 5G networks, each node device has a unique identity key pk. If the identity key is incorrect, the node device is untrustworthy; a correct identity key is a prerequisite for trusted interaction. In 5G scenarios with numerous device and user interactions, the identity key is a key indicator for measuring the trustworthiness of node devices and quickly eliminating malicious nodes. If the identity key is correct, the metrics measure the node device's organization, manufacturer, serial number, application, and functional information, i.e., the vector (af1, af2, ..., af...). n In 5G IoT, the network access time of node devices is also an important indicator. Management nodes take a cautious approach to evaluating newly network-connected nodes, while taking a more optimistic approach to nodes that have been operating normally for an extended period. θ For node device p k The identity trust metric is calculated as shown in Formula 4, where t0 is the total duration of the network service phase and t is the current time.
[0074]
[0075] The key hardware and software information of node devices is also a key indicator for static trust measurement. Strict verification is performed on key hardware such as CPUs and sensors, and key software such as operating system bootloaders, operating systems, data acquisition and transmission programs, to prevent tampering with these key hardware and software components; this is the key hardware and software information in this embodiment. The network address of a node device is also relatively fixed within a network service duration. A comprehensive measurement is performed on the user applications carried by the 5G IoT to calculate the hardware and software trust measurement of the node devices. Management node p θ For node device p κ The software and hardware trustworthiness measurement is calculated as shown in Formula 5, where H(i), i = 1, 2, 3 represents the key hardware, software, and network address information of the node device that cannot be tampered with, {ha j} represents application information.
[0076]
[0077] The static trust metrics of the node devices are calculated based on the identity trust metrics and the software and hardware trust metrics, as shown in Formula 1. In this embodiment, α1 and α2 are the first weight and the second weight, respectively. In scenarios where there are few types of devices but high requirements for service security and stability, the first weight is higher; in scenarios where there are many types of devices and many devices from different manufacturers for different purposes, the second weight is higher.
[0078] This embodiment describes the node device from two aspects: identity information and hardware / software information. This can effectively describe the internal and external information of the node device and thus measure the trusted status of the node device.
[0079] In one embodiment, the node management method based on trust metrics provided in this application may further include:
[0080] Step 211: Determine the task state trust metric and network state trust metric of the sensing node to be managed based on the behavior attribute description vector;
[0081] Step 212: Determine the third weight corresponding to the task state credibility metric and the fourth weight corresponding to the network state credibility metric;
[0082] Step 213: Determine the dynamic trust metric of the sensing node to be managed based on the task status trust metric, the third weight, the network status trust metric, and the fourth weight.
[0083] Specifically, the dynamic trust metric for node devices is measured from two dimensions: task status and network transmission status. Task processing efficiency evaluation (Te) is a crucial indicator for measuring node device availability. The task request list {tr} i} and task processing list {tpj} Perform measurements separately, management node p θ For node device p κ The task status credibility metric is calculated as shown in Formula 6.
[0084]
[0085] 5G IoT features network slicing, making node devices more sensitive to bandwidth allocation. Therefore, bandwidth allocation is a key indicator for measuring the network status reliability of node devices; abnormal fluctuations in network bandwidth usage are considered untrustworthy behavior. The accuracy of transmitted data also affects the reliability of node devices. The measurement process comprehensively considers information from various network slices. The network status reliability measurement is calculated as shown in Formula 7, where {tb j} represents the bandwidth distribution at time step td. i and sd i These are the theoretical and actual transmitted information sequences, respectively, and the transmission delay is measured in real time.
[0086]
[0087] The dynamic trust metric for node devices combines task state trust metric and network state trust metric, and its calculation formula is shown in Formula 2. Here, β1 and β2 are the third and fourth weights in this embodiment, respectively, and their values are set according to the specific deployment scenario. In scenarios where nodes perform fewer computational tasks but bear a larger transmission load, the fourth weight is higher. In fields involving edge computing, the third weight is higher.
[0088] This embodiment determines the dynamic trust metric of node devices by using behavioral attribute description vectors to measure the trust status of node devices, thus obtaining a trustworthy remote proof scheme for node devices adapted to 5G IoT.
[0089] Please refer to Figure 2 In one embodiment, the node management method based on trust metrics provided in this application may further include:
[0090] Step 210: Obtain energy-related information and interaction-related information of the sensing node to be managed;
[0091] Step 220: Determine the energy reliability metric of the sensing node to be managed based on the energy-related information.
[0092] Step 230: Determine the recommended reliability metric of the sensing node to be managed based on the interaction-related information, the preset service similarity function, and the preset decay function.
[0093] Specifically, the recommended trust metric for a node device needs to consider the dynamic metrics of other nodes interacting with it. Communication information involved in interactions between nodes is measured and stored in real time, and each task request and processing operation between nodes is recorded and tagged with a trust label. When referencing the trustworthiness of a node device from other nodes, the management node also calculates the service similarity between the metric node and the measured node. For 5G IoT nodes used in complex scenarios, metrics between service-similar nodes are more valuable. Furthermore, nodes that are closer together and have fewer hops have greater reference value, while nodes with more hops have higher risks due to the greater number of forwards and therefore lower reference value. (Management node p) θ For node device p κ The recommendation credibility metric is calculated as shown in Formula 8.
[0094]
[0095] Among them, simi(p i ,p k ) is node p i root node p k The service similarity function is used to determine whether node devices with the same or similar functions have a high service similarity. The service similarity function is calculated as shown in Formula 9, where... It is node p i and node p k The reliability decays with the number of hops transmitted, and its calculation is shown in Equation 10. At node p... i Can be with node p k In the case of direct communication, the hop count between nodes is 1; when a node needs to go through a series of nodes for forwarding, the hop count between nodes is greater than 1.
[0096]
[0097]
[0098] This embodiment determines the recommended trust metric for node devices by using information related to interactions between node devices, service similarity functions, and decay functions, and measures the trust status of node devices, thus obtaining a trusted remote proof scheme for node devices suitable for 5G IoT.
[0099] In one embodiment, the node management method based on trust metrics provided in this application may further include:
[0100] Step 301: Determine the comprehensive trust measure of the sensing node to be managed based on the target trust measure and the recommended trust measure;
[0101] Step 302: Determine the trust distinguishability of the sensing node to be managed based on the preset service similarity function, the comprehensive trust metric, and the energy trust metric.
[0102] Step 303: Add the managed sensing nodes with a trust distinguishability greater than a preset threshold to a trust group to obtain the group management result.
[0103] Specifically, such as Figure 3 As shown, combining static trust metrics, dynamic trust metrics, and recommended trust metrics can determine the node device (i.e., Figure 3 The comprehensive trust measure of the device nodes and node devices in the system is used to comprehensively evaluate the node devices. The weights of the static trust measure, dynamic trust measure, and recommended trust measure are calculated using the information entropy formula (as shown in Formulas 11 and 12), where H(M) st H(M) is the information entropy of the static credibility metric. dyn H(M) represents the information entropy of a dynamic credibility metric. re γ is the information entropy for recommending a reliable measure. st γ is the weight of the static credibility metric. dyn γ is the weight of the dynamic credibility metric. re Weights for recommending credibility metrics.
[0104] H(M st )=-M st logM st -(1-M st log(1-M) st )
[0105] H(M dyn )=-M dyn logM dyn -(1-M dyn log(1-M) dyn )
[0106] H(M re )=-M re logM re -(1-M re log(1-M) re ) Formula 11
[0107]
[0108]
[0109]
[0110] Finally, the comprehensive trust metric of the management node to the node devices is obtained, calculated as shown in Formula 13, where Mtotal For comprehensive credibility measurement.
[0111] M total =γ st M st +γ dyn M dyn +γ re M re Formula 13
[0112] 5G IoT consists of node devices with different functions and attributes. During operation, node devices with similar structures and functions can be grouped together. Within a group, node devices follow the same specifications, share certain resources, and communicate more frequently. Based on a multi-dimensional trust measurement method and combined with energy trust measurement, a trust logic grouping method adapted to 5G IoT is proposed.
[0113] In 5G IoT, there are numerous node devices and a complex interactive network. Different node devices have varying energy reserves and utilization rates. If critical node devices experience energy shortages due to rapid energy consumption, it can lead to load imbalances or even system paralysis, severely impacting the availability and security of 5G IoT. High-reliability node devices and relay nodes, in particular, consume energy at a faster rate than other node devices. The lifecycle of each node device is closely related to the lifecycle of the entire network. Within a service cycle, the lifecycle of node device p at time t is defined as... κ The energy consumption for transmitting and receiving data is calculated as shown in Formulas 14 and 15, where n is the number of bits of data transmitted and received by the node device up to time t, d is the distance between the transmitting and receiving node devices, and d θ E is the threshold for the transmission distance between transmitting and receiving node devices. cost E is the energy consumed to send and receive one bit of data. mp The energy required to transmit one bit of data to achieve a specified signal-to-noise ratio, E cost and E mp It is pre-set based on the characteristics of the network, E accept For node device p at time t κ Energy consumption for receiving data, E send For node device p at time t κ Energy consumption for transmitting data.
[0114] E accept (n,d)=E cost ·n Formula 14
[0115]
[0116] The total energy consumption for data forwarding, E, can be obtained from the formula for energy consumption of sending and receiving data. consumeAs shown in Equation 16, the initial energy of the node device is set to E. init Let P0 represent the operating power of the node device at startup, then the remaining energy E of the node device at time t is... residue The calculation is shown in Formula 17.
[0117]
[0118] E residue =E init -E consume -P0t Formula 17
[0119]
[0120] Set an energy threshold E θ When the remaining energy of a node device is less than the energy threshold, regardless of its overall trust metric, it will be unavailable and unable to forward data. When the remaining energy of a node device is higher than the energy threshold, it can normally complete data forwarding. E The calculation is shown in Formula 18.
[0121] By utilizing the service similarity of node devices, the comprehensive trust metric of node devices, and the energy trust metric, the trust distinguishability F of node devices is further calculated. c Within the deployment area, only the management node can comprehensively measure and compute the trustworthiness of node devices from various aspects, and logically group the node devices accordingly. n ,t m ] is a service time period during network operation, t n and t m These are the system times at the start and end of the time period, respectively. During the service cycle, the management node performs a comprehensive trust measurement and an energy trust measurement on the node devices at regular intervals, resulting in a comprehensive trust measurement sequence {M(y)}={M(p)}. θ ,p κ ,t n ),M(p θ ,p κ ,t n+1 ),…,M(p θ ,p κ ,t m )} and energy reliability measurement sequence {M E (t)}={M E (p θ ,p κ ,t n ),M E (p θ ,p κ ,t n+1),…,M E (p θ ,p κ ,t m When a new service cycle begins, the management node calculates the service differentiation of the node devices by integrating various historical metrics from the previous service cycle, as shown in Formula 19.
[0122]
[0123] Among them, simi(p θ ,p k This refers to the service similarity between the management node and the node devices, measuring functional consistency. It combines historical comprehensive trust metrics with energy trust metrics to comprehensively reflect the differences between node devices. The management node calculates the trust distinguishability of all node devices under its management and compares it with the management node's preset grouping threshold F. th Comparison, if F c >F th If the node device is selected correctly, it can join the trusted group headed by the management node; otherwise, it is not allowed to join. This implements trusted logical grouping of nodes (i.e., trusted groups in this embodiment), resulting in group management.
[0124] This embodiment uses a service similarity function to integrate trust metrics and energy trust metrics to group and manage node devices. By combining multi-dimensional attribute metrics and a trust-based hierarchical grouping strategy, a trusted remote verification scheme suitable for 5G Internet of Things is obtained.
[0125] In one embodiment, the node management method based on trust metrics provided in this application may further include:
[0126] Step 310: Determine the trust expectation value of each trusted group based on the trust distinguishability of each managed sensing node in the trusted group;
[0127] Step 320: Based on the trust expectation value and the preset expectation value, classify each of the trusted groups to obtain the classification management result.
[0128] Specifically, after grouping the node devices, a trust level can be assigned to each group to measure the trustworthiness of the node device group as a whole and set corresponding service policies. A management node manages a group of nodes within its communication radius {p κ1 ,p κ2 ,…,p κn The trust distinguishability of these node devices is {F}. c (p θ ,p κ1 ),F c (p θ,p κ2 ),…,F c (p θ ,p κn )}, and the remaining energy at this time is {E} κ1 E κ2 ,…,E κn The trust mathematical expectation of node devices in a trusted group centered on the management node is calculated as shown in Equation 20.
[0129]
[0130] The system's default trust expectation for trusted groups is... when When a group is managed by a management node, the group it manages is considered a trusted group; otherwise, it is considered an untrusted group. The trustworthiness distinction between groups is defined as follows: According to d θ Different trust groups are divided into n levels (δ1, δ2, ..., δ). n ), and δ1<δ2<…<δ n It is ordered. Different trust levels divide the data transmission into n+1 priorities; the higher the trust level, the higher the data transmission priority.
[0131] Trusted group service priority Γ(p) θ The division is shown in Equation 21 below.
[0132]
[0133] (δ1,δ2,…,δ n The value of ) is determined by the trusted logical group. After the service period starts and the logical group is defined, the management node determines the group's group trust level and then determines the data transmission priority in sequence.
[0134] This embodiment classifies each trusted group by trust distinguishability to obtain a hierarchical management result. By combining multi-dimensional attribute measurement and trust hierarchical grouping strategy, a trusted remote authentication scheme adapted to 5G Internet of Things is obtained.
[0135] The node management device based on trust metrics provided by the present invention will be described below. The node management device based on trust metrics described below and the node management method based on trust metrics described above can be referred to in correspondence.
[0136] Please refer to Figure 4 The present invention also provides a node management device based on trust metrics, comprising:
[0137] The target description vector determination module 401 is used to determine the target description vector of the sensing node to be managed.
[0138] The target credibility measurement determination module 402 is used to determine the target credibility measurement of the sensing node to be managed based on the target description vector.
[0139] The group management module 403 is used to perform trusted group management on the sensing nodes to be managed according to the target trust metric, and obtain the group management result.
[0140] Optionally, the target description vector determination module includes:
[0141] The acquisition unit is used to acquire the identity information, hardware and software information, and behavioral information of the sensing nodes to be managed.
[0142] An identity description vector determination unit is used to determine the identity description vector based on the identity information;
[0143] An inherent attribute description vector determination unit is used to determine the inherent attribute description vector based on the software and hardware information;
[0144] A behavior attribute description vector determination unit is used to determine the behavior attribute description vector based on the behavior information.
[0145] Optionally, the target credibility measurement determination module includes:
[0146] The identity identifier trust measurement determination unit is used to determine the identity identifier trust measurement of the sensing node to be managed based on the identity identifier description vector, the identity key of the sensing node to be managed, and the total duration of the network service phase corresponding to the sensing node to be managed.
[0147] The software and hardware trust measurement determination unit is used to determine the software and hardware trust measurement of the sensing node to be managed based on the inherent attribute description vector and the key software and hardware information corresponding to the sensing node to be managed.
[0148] The first weight determination unit is used to determine the first weight corresponding to the identity trust measurement and the second weight corresponding to the software and hardware trust measurement.
[0149] The static trust measurement determination unit is used to determine the static trust measurement of the sensing node to be managed based on the identity trust measurement, the first weight, the software and hardware trust measurement, and the second weight.
[0150] Optionally, the target credibility measurement determination module further includes:
[0151] The trust measurement determination unit is used to determine the task state trust measurement and network state trust measurement of the sensing node to be managed based on the behavioral attribute description vector.
[0152] The third weight determination unit is used to determine the third weight corresponding to the task state credibility metric and the fourth weight corresponding to the network state credibility metric.
[0153] The dynamic trust metric determination unit is used to determine the dynamic trust metric of the sensing node to be managed based on the task state trust metric, the third weight, the network state trust metric, and the fourth weight.
[0154] Optionally, the node management device based on trust metrics includes:
[0155] The acquisition module is used to acquire energy-related information and interaction-related information of the sensing node to be managed;
[0156] An energy reliability measurement determination module is used to determine the energy reliability measurement of the sensing node to be managed based on the energy-related information.
[0157] The recommended credibility metric determination module is used to determine the recommended credibility metric of the sensing node to be managed based on the interaction-related information, the preset service similarity function, and the preset decay function.
[0158] Optionally, the group management module includes:
[0159] The comprehensive trust metric determination unit is used to determine the comprehensive trust metric of the sensing node to be managed based on the target trust metric and the recommended trust metric.
[0160] The trust distinguishability determination unit is used to determine the trust distinguishability of the sensing node to be managed based on the preset service similarity function, the comprehensive trust measure and the energy trust measure;
[0161] The group management unit is used to add the managed sensing nodes with a trust distinguishability greater than a preset threshold into a trust group to obtain the group management result.
[0162] Optionally, the node management device based on trust metrics includes:
[0163] The trust expectation value determination module is used to determine the trust expectation value of each trusted group based on the trust distinguishability of each managed sensing node in the trusted group.
[0164] The grading module is used to grade each of the trusted groups according to the trust expectation value and the preset expectation value, so as to obtain the grading management result.
[0165] Figure 5 An example is a schematic diagram of the physical structure of an electronic device, such as... Figure 5As shown, the electronic device may include a processor 510, a communications interface 520, a memory 530, and a communication bus 540, wherein the processor 510, communications interface 520, and memory 530 communicate with each other via the communication bus 540. The processor 510 can call logical instructions in the memory 530 to execute a node management method based on trust metrics.
[0166] Furthermore, the logical instructions in the aforementioned memory 530 can be implemented as software functional units and, when sold or used as independent products, can be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present invention, essentially, or the part that contributes to the prior art, or a part of the technical solution, can be embodied in the form of a software product. This computer software product is stored in a storage medium and includes several instructions to cause a computer device (which may be a personal computer, server, or network device, etc.) to execute all or part of the steps of the methods described in the various embodiments of the present invention. The aforementioned storage medium includes various media capable of storing program code, such as USB flash drives, portable hard drives, read-only memory (ROM), random access memory (RAM), magnetic disks, or optical disks.
[0167] In another aspect, the present invention also provides a non-transitory computer-readable storage medium having a computer program stored thereon, which, when executed by a processor, is implemented to perform the node management method based on trust metrics provided by the above methods.
[0168] The device embodiments described above are merely illustrative. The units described as separate components may or may not be physically separate. The components shown as units may or may not be physical units; that is, they may be located in one place or distributed across multiple network units. Some or all of the modules can be selected to achieve the purpose of this embodiment according to actual needs. Those skilled in the art can understand and implement this without any creative effort.
[0169] Through the above description of the embodiments, those skilled in the art can clearly understand that each embodiment can be implemented by means of software plus necessary general-purpose hardware platforms, and of course, it can also be implemented by hardware. Based on this understanding, the above technical solutions, in essence or the part that contributes to the prior art, can be embodied in the form of a software product. This computer software product can be stored in a computer-readable storage medium, such as ROM / RAM, magnetic disk, optical disk, etc., and includes several instructions to cause a computer device (which may be a personal computer, server, or network device, etc.) to execute the methods described in the various embodiments or some parts of the embodiments.
[0170] Finally, it should be noted that the above embodiments are only used to illustrate the technical solutions of the present invention, and not to limit them; although the present invention has been described in detail with reference to the foregoing embodiments, those skilled in the art should understand that modifications can still be made to the technical solutions described in the foregoing embodiments, or equivalent substitutions can be made to some of the technical features; and these modifications or substitutions do not cause the essence of the corresponding technical solutions to deviate from the spirit and scope of the technical solutions of the embodiments of the present invention.
Claims
1. A node management method based on trust metrics, characterized in that, include: Acquire the identity information, hardware and software information, and behavioral information of the sensing node to be managed, wherein the behavioral information includes at least: network bandwidth allocation information of network slice, theoretical information transmission sequence, and actual information transmission sequence; Based on the identity information, an identity identification description vector is determined; based on the hardware and software information, an inherent attribute description vector is determined; based on the behavior information, a behavior attribute description vector is determined, and the identity identification description vector, the inherent attribute description vector, and the behavior attribute description vector are used together as the target description vector of the sensing node to be managed. The target trust metric of the sensing node to be managed is determined based on the target description vector. The target trust metric includes a dynamic trust metric. Specifically, determining the dynamic trust metric includes: determining the task state trust metric and the network state trust metric of the sensing node to be managed based on the behavioral attribute description vector. Specifically, determining the network state trust metric includes: comprehensively considering the information of each network slice, measuring the network state trust metric based on the fluctuation difference of the bandwidth distribution of the network slice at the measurement time and combining the transmission data accuracy of the theoretical transmission information sequence and the actual transmission information sequence. Determine the third weight corresponding to the task state credibility metric and the fourth weight corresponding to the network state credibility metric; The dynamic trust metric of the sensing node to be managed is determined based on the task status trust metric, the third weight, the network status trust metric, and the fourth weight. Based on the target trust metric, the sensing nodes to be managed are subjected to trust group management to obtain the group management results.
2. The node management method based on trust metric according to claim 1, characterized in that, The target trust metric includes a static trust metric; determining the target trust metric of the sensing node to be managed based on the target description vector includes: The identity recognition trust metric of the sensing node to be managed is determined based on the identity identification description vector, the identity key of the sensing node to be managed, and the total duration of the network service phase corresponding to the sensing node to be managed. Based on the inherent attribute description vector and the key software and hardware information corresponding to the sensing node to be managed, determine the software and hardware trust metric of the sensing node to be managed. Determine the first weight corresponding to the identity trust metric and the second weight corresponding to the software and hardware trust metric; Based on the identity trust metric, the first weight, the software and hardware trust metric, and the second weight, the static trust metric of the sensing node to be managed is determined.
3. The node management method based on trust metric according to claim 1, characterized in that, After determining the target trust metric of the sensing node to be managed based on the target description vector, the following steps are included: Obtain the energy-related information and interaction-related information of the sensing node to be managed; The energy reliability metric of the sensing node to be managed is determined based on the energy-related information. Based on the interaction-related information, the preset service similarity function, and the preset decay function, the recommended reliability metric for the sensing node to be managed is determined.
4. The node management method based on trust metric according to claim 3, characterized in that, The step of performing trusted group management on the sensing nodes to be managed based on the target trusted metric to obtain the group management result includes: Based on the target trust metric and the recommended trust metric, determine the comprehensive trust metric of the sensing node to be managed; The trust distinguishability of the sensing node to be managed is determined based on the preset service similarity function, the comprehensive trust metric, and the energy trust metric. The sensing nodes to be managed that have a trust distinguishability greater than a preset threshold are added to a trust group to obtain the group management result.
5. The node management method based on trust metric according to claim 4, characterized in that, The step of performing trusted group management on the sensing nodes to be managed based on the target trusted metric and obtaining the group management result includes: Based on the trust distinguishability of each sensing node to be managed in the trusted group, the trust expectation value of each trusted group is determined. Based on the trust expectation value and the preset expectation value, each trust group is classified into different levels to obtain the classification management result.
6. A node management device based on trust metric, characterized in that, include: The target description vector determination module is used to acquire the identity information, hardware and software information, and behavioral information of the sensing node to be managed. The behavioral information includes at least: network bandwidth allocation information for network slices, theoretical transmission information sequence, and actual transmission information sequence. Based on the identity information, an identity identifier description vector is determined; based on the hardware and software information, an inherent attribute description vector is determined; and based on the behavioral information, a behavioral attribute description vector is determined. The identity identifier description vector, the inherent attribute description vector, and the behavioral attribute description vector are collectively used as the target description vector of the sensing node to be managed. The target trust metric determination module is used to determine the target trust metric of the sensing node to be managed based on the target description vector. The target trust metric includes a dynamic trust metric. Specifically, determining the dynamic trust metric includes: determining the task state trust metric and the network state trust metric of the sensing node to be managed based on the behavioral attribute description vector. Specifically, determining the network state trust metric includes: comprehensively considering the information of each network slice, measuring the network state trust metric based on the fluctuation difference of the bandwidth distribution of the network slice at the measurement time and the transmission data accuracy of the theoretical transmission information sequence and the actual transmission information sequence; determining the third weight corresponding to the task state trust metric and the fourth weight corresponding to the network state trust metric; and determining the dynamic trust metric of the sensing node to be managed based on the task state trust metric, the third weight, the network state trust metric, and the fourth weight. The group management module is used to perform trusted group management on the sensing nodes to be managed according to the target trust metric, and obtain the group management result.
7. An electronic device comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, characterized in that, When the processor executes the program, it implements the node management method based on trust metrics as described in any one of claims 1 to 5.
8. A non-transitory computer-readable storage medium having a computer program stored thereon, characterized in that, When the computer program is executed by a processor, it implements the node management method based on trust metrics as described in any one of claims 1 to 5.