Page 382 - Kaleidoscope Academic Conference Proceedings 2024
P. 382
2024 ITU Kaleidoscope Academic Conference
gradually become prominent. Throughout the entire lifecycle resource information management system used an efficient
of operation and service provision, CFN include nodes computing force resource verification mechanism to remotely
accessing the network, orchestration, scheduling, computing prove the service capabilities of the computing force resource
force trading and data flow. The ubiquitous distribution pool, and trusted parsing of user submitted computing tasks
of computing force in the cloud, edge, and terminal has was performed through the computing force request security
further deepened the demand for interconnectivity among parsing mechanism.
computing force nodes, making the network environment Therefore, analyzing CFN risks and proposing CFN security
more complex and facing many risks. The research on CFN protection should consider these factors.
security architecture and data governance technology is of
great significance for promoting the improvement of CFN 3. CFN SECURITY RISKS
security system construction.
The new architecture and new technology of CFN have
This article analyzes the potential security risks of CFN
various security risks to overcome. Figure 3 analyzes
from infrastructure, orchestration management, operational
the potential security risks of the CFN from the aspects
services, and cross layer data. And the architecture of CFN
of infrastructure, orchestration management, operational
security system and protection measures are proposed to
services, and cross-layer data according to the basic
promote the construction of CFN security. At the same time,
architecture of the CFN.
research on application cases of CFN security to guide the
industry in improving CFN security capabilities and assisting
3.1 Risks to Infrastructure Security
in the healthy development of CFN.
The infrastructure of the CFN uses a variety of computing
2. RELEATED WORK nodes, which have different levels of security and trust. Once
the multi-form computing force nodes are attacked, security
Computing force network has gained intensive discussions
risks may be introduced into the entire CFN, such as data
and wide investigations in recent years. In fact, conventional
leakage in cloud computing, insecure interfaces, service and
security protection solutions do not cover CFN scenarios,
account hijacking, session fixation, DoS attacks, malicious
while 3GPP and other international standards organizations
insiders, shared technical problems and data loss [12]. As the
are still working on CFN standards. For better understanding
computing force expands widely to the terminal side and edge,
the CFN security, there are some researches about
the exposure surface is also constantly expanding, which
orchestration scheduling, computing force trading, and data
makes the pan-terminal particularly vulnerable to security.
flow and so on.
Integrated network of IPv6 segment routing (SRv6), software
Many studies[3, 4, 5, 6] have focused on the security defined wide area network (SD-WAN) and deterministic
architecture of CFN and analyzed the main security risks network will also bring potential network infrastructure
currently faced by computing force networks. Jiang [7] et security issues to the CFN. At the same time, with the
al. proposed a user behavior based method for evaluating development of the computing force economy, artificial
user identity credibility in cloud computing environments intelligence computing force infrastructure is growing
to address the issue of important information resource rapidly. However, due to the vulnerability of artificial
leakage caused by illegal users attacking internal services. intelligence itself, the process is difficult to explain,
Murcia [8] et al. proposed a secure orchestration design the behavior is difficult to predict and the results are
for CFN, using a policy based approach to orchestrate uncontrollable. In the application process, security issues
dynamic services and security in distributed computing, and such as data model theft, adversarial sample attacks have
managing default security orchestration in a combination been exposed, bringing more complex and diverse security
of active and passive ways to ensure that the provided risks [4].
services meet user security requirements. Zhang [9]
et al. proposed an active defense algorithm based on 3.2 Risks to Orchestration Management Security
deep reinforcement learning to resist control layer DDoS
attacks in a distributed SDN architecture for CFN. The Network information is gathered in the orchestration
algorithm iteratively optimizes action selection strategies and management layer, and the security of the orchestration
intelligently selects multi controller deployment schemes. In management layer will affect the normal orchestration
a work on transaction security [10], the zero knowledge scheduling service of the CFN. Due to the ubiquitous
proof method was proposed to address the issue of nature of computing force nodes, once a node is attacked
information transparency on the chain during the transaction or counterfeited, false computing force information can
process in traditional blockchain systems. Gao [11] et al. be uploaded, which will seriously affect the reliability of
designed a resource management security architecture for the network. At the same time, the extensive centralized
collaborative scheduling of computing force and network storage of infrastructure information increases the risk of
resources. Based on the computing force resource security hackers attacking, stealing, and tampering with data from
notification protocol, its own computing force and service the orchestration management layer.
capabilities were notified to the computing force resource In addition, the abuse of computing force is also an issue that
information management system. The computing force cannot be ignored. Network hackers or malicious attackers
– 338 –
