Modeling and Analysis of Security Information Flow in Mobile Edge Computing

doi:10.19678/j.issn.1000-3428.0062953

Abstract

Abstract: In Mobile Edge Computing(MEC), the identity of mobile terminal is complex and dynamic.For task unloading in high security field, it is necessary to track the unloaded tasks in real time and find abuse in time to ensure the security of task unloading.However, most existing works focus on the trust evaluation method to select the high-trust node for offloading tasks and fail to pay attention to the problem of the node in launching internal attacks.Therefore, this study proposes a task offloading method that supports security analysis to solve this problem.A task offloading flow path supporting security analysis is presented, and a multilevel security information flow model for MEC is proposed to constrain service offloading, data offloading and service execution.Based on the formal method bigraph, the task offloading process is modeled as a labeled transition system which marks transfer edge.The satisfaction of the security requirements is verified using model-checking technology.The proposed method predicts malicious behavior during task unloading in seconds, and it has good feasibility and effectiveness.

Key words: Mobile Edge Computing(MEC), task offloading, security information flow model, bigraph, model checking

摘要： 在移动边缘计算中，移动终端身份存在复杂性和动态性，对于高安全领域的任务卸载，需要对被卸载的任务进行实时跟踪，及时发现滥用行为才能保证任务卸载的安全性。然而，现有方法多基于信任评估机制选择高信任度节点进行卸载，并没有关注该节点自身发起的内部攻击问题。提出一种支持安全性分析的任务卸载方法。设计包含安全性分析的任务卸载流程，构建面向移动边缘计算的多级安全信息流模型，用于约束服务卸载、数据卸载和服务执行过程。在此基础上，基于偶图对任务卸载过程进行建模，构造标注迁移边的标号变迁系统，并利用模型检测技术验证是否满足相应的安全需求。案例分析和性能评估结果表明，该方法能够在秒级时间内预测任务卸载中的恶意行为，具有较好的可行性和有效性。

关键词: 移动边缘计算, 任务卸载, 安全信息流模型, 偶图, 模型检测

CLC Number:

TP393

XIE Na, TAN Wenan, CAO Yan, ZHAO Lu. Modeling and Analysis of Security Information Flow in Mobile Edge Computing[J]. Computer Engineering, 2022, 48(5): 35-42,52.

谢娜, 谭文安, 曹彦, 赵璐. 移动边缘计算中安全信息流建模与分析[J]. 计算机工程, 2022, 48(5): 35-42,52.

/ / Recommend / Download Citations

URL: http://www.ecice06.com/EN/10.19678/j.issn.1000-3428.0062953

http://www.ecice06.com/EN/Y2022/V48/I5/35

Figures/Tables 16

References

[1] 余翔, 石雪琴, 刘一勋.移动边缘计算中卸载策略与功率的联合优化[J].计算机工程, 2020, 46(6):20-25. YU X, SHI X Q, LIU Y X.Joint optimization of offloading strategy and power in mobile-edge computing[J].Computer Engineering, 2020, 46(6):20-25.(in Chinese)
[2] SAJJAD M, AHMAD A, MALIK A W, et al.Classification and mapping of adaptive security for mobile computing[J].IEEE Transactions on Emerging Topics in Computing, 2020, 8(3):814-832.
[3] 王妍, 葛海波, 冯安琪.云辅助移动边缘计算中的计算卸载策略[J].计算机工程, 2020, 46(8):27-34. WANG Y, GE H B, FENG A Q.Computation offloading strategy in cloud-assisted mobile edge computing[J].Computer Engineering, 2020, 46(8):27-34.(in Chinese)
[4] MAO Y Y, YOU C S, ZHANG J, et al.A survey on mobile edge computing:the communication perspective[J].IEEE Communications Surveys & Tutorials, 2017, 19(4):2322-2358.
[5] ZHANG J L, CHEN B, ZHAO Y C, et al.Data security and privacy-preserving in edge computing paradigm:survey and open issues[J].IEEE Access, 2018, 6:18209-18237.
[6] HAUS M, WAQAS M, DING A Y, et al.Security and privacy in Device-to-Device(D2D) communication:a review[J].IEEE Communications Surveys & Tutorials, 2017, 19(2):1054-1079.
[7] XU R H, PALANISAMY B, JOSHI J.QueryGuard:privacy-preserving latency-aware query optimization for edge computing[C]//Proceedings of TrustCom/BigDataSE.Washington D.C., USA:IEEE Press, 2018:1097-1106.
[8] ISLAMBOULI R, SWEIDAN Z, MOURAD A, et al.Towards trust-aware IoT hashing offloading in mobile edge computing[C]//Proceedings of International Conference on Wireless Communications and Mobile Computing.Washington D.C., USA:IEEE Press, 2020:2216-2221.
[9] WU D X, SHEN G H, HUANG Z Q, et al.A trust-aware task offloading framework in mobile edge computing[J].IEEE Access, 2019, 7:150105-150119.
[10] XU J L, WANG S G, BHARGAVA B K, et al.A blockchain-enabled trustless crowd-intelligence ecosystem on mobile edge computing[J].IEEE Transactions on Industrial Informatics, 2019, 15(6):3538-3547.
[11] WANG T, LUO H, ZHENG X, et al.Crowdsourcing mechanism for trust evaluation in CPCS based on intelligent mobile edge computing[J].ACM Transactions on Intelligent Systems and Technology, 2019, 10(6):1-19.
[12] MILNER R.The space and motion of communicating agents[M].Oxford, UK:Cambridge University Press, 2009.
[13] BENNANI N, BOUKADI K, GHEDIRA-GUEGAN C.A trust management solution in the context of hybrid clouds[C]//Proceedings of the 23rd IEEE International WETICE Conference.Washington D.C., USA:IEEE Press, 2014:339-344.
[14] HUSSAIN M, ALMOURAD B M.Trust in mobile cloud computing with LTE-based deployment[C]//Proceedings of the 11th International Conference on Ubiquitous Intelligence and Computing and the 11th IEEE International Conference on Autonomic and Trusted Computing and the 14th IEEE International Conference on Scalable Computing and Communications and Its Associated Workshops.Washington D.C., USA:IEEE Press, 2014:643-648.
[15] DENG X H, LIU J, WANG L L, et al.A trust evaluation system based on reputation data in Mobile edge computing network[J].Peer-to-Peer Networking and Applications, 2020, 13(5):1744-1755.
[16] 彭焕峰, 黄志球, 刘林源, 等.服务组合安全隐私信息流静态分析方法[J].软件学报, 2018, 29(6):1739-1755. PENG H F, HUANG Z Q, LIU L Y, et al.Static analysis method of secure privacy information flow for service composition[J].Journal of Software, 2018, 29(6):1739-1755.(in Chinese)
[17] ELSAYED M, ZULKERNINE M.IFCaaS:information flow control as a service for cloud security[C]//Proceedings of the 11th International Conference on Availability, Reliability and Security.Washington D.C., USA:IEEE Press, 2016:211-216.
[18] ZENG W, KOUTNY M, WATSON P, et al.Formal verification of secure information flow in cloud computing[J].Journal of Information Security and Applications, 2016, 27/28:103-116.
[19] CAO Y, HUANG Z Q, KE C B, et al.A topology-aware access control model for collaborative cyber-physical spaces:specification and verification[J].Computers & Security, 2019, 87:1-10.
[20] BACCI G, GROHMANN D, MICULAN M.DBtk:a toolkit for directed bigraphs[C]//Proceedings of International Conference on Algebra and Coalgebra in Computer Science.Berlin, Germany:Springer, 2009:413-422.
[21] FAITHFULL A J, PERRONE G, HILDEBRANDT T.Big Red:a development environment for bigraphs[J].Electronic Communications of the Easst, 2013, 61:1-10.
[22] SEVEGNANI M, CALDER M.BigraphER:rewriting and analysis engine for bigraphs[C]//Proceeding of International Conference on Computer Aided Verification.Berlin, Germany:Springer, 2016:494-501.
[23] PERRONE G, DEBOIS S, HILDEBRANDT T T.A verification environment for bigraphs[J].Innovations in Systems and Software Engineering, 2013, 9(2):95-104.

Please choose a citation manager

Content to export