Page 315 - Kaleidoscope Academic Conference Proceedings 2024

P. 315

Innovation and Digital Transformation for a Sustainable World

verify the secure and trustworthy protection capabilities security services, protect the privacy and security of CNC,
proposed in this paper. and offer technical support and practical evidence for a
Our solution can reduce the overall energy consumption by communication concept that emphasizes both "green" and
storing warm and cold data in the western region instead of "security".
in the eastern region. For example, taking storing 1000 TB
of data as an example, the energy consumption for storage is 5. CONCLUSION
about 22.68 kW for one day, and 143.64 kW for computing.
Typical economically active eastern regions such as This paper proposes a comprehensive technical solution
Zhejiang Province have an electricity bill of about 1.0 yuan. aimed at optimizing the use of computing resources,
But for Guizhou Province in the western region has an reducing energy consumption, and addressing security issues
electricity bill of about 0.5 yuan. Intuitively, the off-site introduced by cross-regional data flow. The implementation
storage of data can save 50% on electricity bills. In addition, of this solution in the context of the east-data-west-
Guizhou has abundant water resources and low average computing project has the following advantages over
temperatures. The use of clean energy can reduce carbon existing technologies:
emissions, and the suitable temperature can also reduce the
cooling energy consumption of operating datacenters. 1) Green Communications Practice: The solution
presented in this paper is based on the concept of green
In the deployment and testing, the capabilities of trusted communications. It explores the practical issues arising in
identification, trusted computing, trusted verification, and the east-data-west-computing project and provides a
high-speed cryptography mentioned in this paper all complete solution, thereby facilitating the practical
functioned normally and achieved the anticipated goals. implementation of the east-data-west-computing project and
Trusted identification uniformly issues trusted identities to pushing the communications industry towards a path of
the eastern node and western node, implementing device green, low-carbon, and sustainable development.
access management. Trusted computing builds secure
storage spaces within different nodes, strengthening key 2) Enhanced Security Assurance: Combining technologies
management of devices. Trusted verification uses the such as confidential computing, blockchain, and high-speed
blockchain to certify DPI log information, ensuring the encryption, the solution offers a solid technical foundation
integrity of data content. High-speed encryption builds a for the secure and trustworthy protection of CNC. Through
secure channel between nodes, completing data encryption actual deployment and testing, the solution has been proven
and decryption. Particularly, the GPU heterogeneous to effectively protect data privacy and device security in real
cryptographic acceleration technology increases the environments, ensuring the safety of cross-domain data flow.
encryption performance of SM2, SM3, and SM4 by 20-55
times compared with encryption without hardware
acceleration, as shown in Figure 6. 3) Innovative Data Management: The solution conducts
in-depth research and innovative applications in areas such
as the certification of computing devices, the establishment
of a trustworthy environment for heterogeneous computing
nodes, and the secure transmission of data in dynamic
environments. Through these measures, it effectively
achieves secure data circulation and trustworthy
management, enhancing the credibility and security of data
throughout its lifecycle in the resource scheduling process.

REFERENCES

[1] ITU, "Use cases for supporting the coordination of
computing and networking for Developing
Countries": https://www.itu.int/ITU-
Figure 6 - High-Speed Encryption Performance T/workprog/wp_item.aspx?isn=19170
Improvement
In real-world deployments, CPU chips that support TEE are [2] Rabimba Karanjai, Rowan Collier, Zhimin Gao,
not yet widely used, and GPUs are still a scarce resource in Lin Chen, Xinxin Fan, et al." Decentralized
datacenters. Therefore, our solution provides a partially Translator of Trust: Supporting Heterogeneous
deployed version. For example, we can only configure the TEE for Critical Infrastructure Protection.,"
blockchain capability to verify the east-west data Proceedings of the 5th ACM International
transmission, sacrificing some performance without using Symposium on Blockchain and Secure Critical
GPUs. We can also use pluggable TEE hardware devices for Infrastructure (BSCI '23). ACM, New York,
more flexible deployment. pp.249-264.2023.
This case in Guizhou demonstrates that the scheme proposed
in this paper can provide a reliable asset access method in [3] Clemens Brunner, Ulrich Gallersdörfer, Fabian
real environments, effectively reduce the operational costs of Knirsch, Dominik Engel, and Florian Matthes,

– 271 –

310 311 312 313 314 315 316 317 318 319 320