Research article Special Issues

Zero trust in edge computing environment: a blockchain based practical scheme

  • Received: 16 December 2021 Revised: 09 February 2022 Accepted: 13 February 2022 Published: 18 February 2022
  • Edge computing offloads data processing capacity to the user side and provides flexible, efficient computing services for smart city development, but it also brings many security challenges. To address the problems of blurred security boundaries and dynamic identity authentication in smart city edge computing environments, a blockchain-based zero trust architecture is studied, and a digital identity model and a dynamic authentication scheme for edge computing nodes based on a distributed ledger are proposed. First, a digital identity model with two-way authentication between the edge computing node and the sensing terminal is established to realize fine-grained authorization and access control in edge computing. Second, by recording identity data and behavior logs on the chain, the quantification, transmission and update of trust values are realized, and the traceability of security events is improved. Finally, multi-party consensus and consistent accounting in the authentication process are realized with an improved RAFT consensus algorithm. Simulation results show that the scheme meets the requirements of zero trust verification in the edge computing environment and has good efficiency and robustness.

    Citation: Dawei Li, Enzhun Zhang, Ming Lei, Chunxiao Song. Zero trust in edge computing environment: a blockchain based practical scheme[J]. Mathematical Biosciences and Engineering, 2022, 19(4): 4196-4216. doi: 10.3934/mbe.2022194

  • © 2022 the Author(s), licensee AIMS Press. This is an open access article distributed under the terms of the Creative Commons Attribution License (http://creativecommons.org/licenses/by/4.0)