Cloud edge integrated security architecture of new cloud manufacturing system

doi:10.23919/JSEE.2024.000112

Journal of Systems Engineering and Electronics ›› 2024, Vol. 35 ›› Issue (5): 1177-1189.doi: 10.23919/JSEE.2024.000112

• SYSTEMS ENGINEERING • Previous Articles Next Articles

Cloud edge integrated security architecture of new cloud manufacturing system

Longbo ZHAO(), Bohu LI(), Haitao YUAN()

School of Automation Science and Electrical Engineering, Beihang University, Beijing100191, China

Received:2024-06-07 Online:2024-10-18 Published:2024-11-06
Contact: Longbo ZHAO E-mail:zlbbuaa@126.com;bohuli@moon.bjnet.edu.cn;yuan@buaa.edu.cn
About author:
ZHAO Longbo was born in 1983. He received his B.S. degree from Beihang University, Beijing, China in 2005. He is currently pursuing his Ph.D. degree of automation science and electrical engineering in Beihang University. His research interests include cloud manufacturing, network security, and deep learning. E-mail: zlbbuaa@126.com

LI Bohu was born in 1938. He graduated from Tsinghua University, Beijing, China, in 1961. His research interests include distributed simulation and cloud computing. He is a member of the Chinese Academy of Engineering. E-mail: bohuli@moon.bjnet.edu.cn

YUAN Haitao was born in 1986. He received his Ph.D. degree in computer engineering from New Jersey Institute of Technology, Newark, New Jersey, USA, in 2020. He is currently an associate professor at the School of Automation Science and Electrical Engineering in Beihang University, Beijing, China. His research interests include cloud computing, edge computing, data centers, big data, machine learning, deep learning, and optimization algorithms. E-mail: yuan@buaa.edu.cn

Abstract

Abstract:

With the rapid development of cloud manufacturing technology and the new generation of artificial intelligence technology, the new cloud manufacturing system (NCMS) built on the connotation of cloud manufacturing 3.0 presents a new business model of “Internet of everything, intelligent leading, data driving, shared services, cross-border integration, and universal innovation”. The network boundaries are becoming increasingly blurred, NCMS is facing security risks such as equipment unauthorized use, account theft, static and extensive access control policies, unauthorized access, supply chain attacks, sensitive data leaks, and industrial control vulnerability attacks. Traditional security architectures mainly use information security technology, which cannot meet the active security protection requirements of NCMS. In order to solve the above problems, this paper proposes an integrated cloud-edge-terminal security system architecture of NCMS. It adopts the zero trust concept and effectively integrates multiple security capabilities such as network, equipment, cloud computing environment, application, identity, and data. It adopts a new access control mode of “continuous verification + dynamic authorization”, classified access control mechanisms such as attribute-based access control, role-based access control, policy-based access control, and a new data security protection system based on blockchain, achieving “trustworthy subject identity, controllable access behavior, and effective protection of subject and object resources”. This architecture provides an active security protection method for NCMS in the digital transformation of large enterprises, and can effectively enhance network security protection capabilities and cope with increasingly severe network security situations.

Key words: new cloud manufacturing system (NCMS), integrated cloud-edge-terminal, security system architecture, zero trust

Longbo ZHAO, Bohu LI, Haitao YUAN. Cloud edge integrated security architecture of new cloud manufacturing system[J]. Journal of Systems Engineering and Electronics, 2024, 35(5): 1177-1189.

Figures/Tables 7

Fig 1

Fig 2

Fig 3

Fig 4

Fig 5

Fig 6

Fig 7

References 31

1	LI B H, CHAI X D, HOU B C, et al Cloud manufacturing system 3.0—a new intelligent manufacturing system in the “Intelligent+” era.. Computer Integrated Manufacturing System, 2019, 25 (12): 2997- 3012.
2	XIAO W L, ZHANG K Y, WANG S P, et al STEP-NC enabled edge-cloud collaborative manufacturing system for compliant CNC machining. Journal of Manufacturing Systems, 2024, 72, 460- 474. doi: 10.1016/j.jmsy.2023.12.005
3	EHSAN M, MASOOD F, MORTEZA G, et al A framework for throughput bottleneck analysis using cloud-based cyber-physical systems in Industry 4. 0 and smart manufacturing. Procedia Computer Science, 2024, 232, 3121- 3130. doi: 10.1016/j.procs.2024.02.128
4	LI B H, CHAI X D, ZHANG L, et al Accelerate the development of intelligent manufacturing technologies, industries, and application under the guidance of a new generation of artistic intelligence technology. Engineering Sciences, 2018, 20 (4): 81- 86.
5	XIANG F, ZHOU P, ZUO Y, et al Manufacturing service network of digital twin systems under cloud computing environment. Procedia CIRP, 2022, 109, 460- 465. doi: 10.1016/j.procir.2022.05.318
6	XU H Analysis of industrial Internet security problems and countermeasures in the 5G era. Network Security Technology and Application, 2024, 3, 86- 87.
7	CHENG M, LI S M, WANG Y H, et al A new model for network security situation assessment of the industrial internet. Computers, Materials and Continua, 2023, 75 (2): 2527- 2555. doi: 10.32604/cmc.2023.036427
8	LIU X X, ZHANG J X, YIN W, et al Quantitative cyber-physical security analysis methodology for industrial control systems based on incomplete information Bayesian game. Computers and Security, 2021, 102, 102138. doi: 10.1016/j.cose.2020.102138
9	WANG F Research on optimization algorithms for artificial intelligence network security management based on All IP internet of things fusion technology. Computers and Electrical Engineering, 2024, 115, 109105. doi: 10.1016/j.compeleceng.2024.109105
10	HUANG T X, DU B, LI C H, et al Strong identity authentication and key agreement protocol for industrial Internet. Network Security Technology and Application, 2024, (2): 22- 25.
11	NIMISH M, SK H I, SHERALI Z A survey on security and cryptographic perspective of industrial-internet-of-things. Internet of Things, 2024, 25, 101037. doi: 10.1016/j.iot.2023.101037
12	GUO Y M, GUO Y J, ZHANG C D, et al A provably secure and practical end-to-end authentication scheme for tactile industrial internet of things. Pervasive and Mobile Computing, 2024, 98, 101877. doi: 10.1016/j.pmcj.2024.101877
13	GIOVANNI S, ANNALISA N, FLAVIO F, et al A comprehensive survey on the security of low power wide area networks for the internet of things. ICT Express, 2024, 3 (10): 519- 552.
14	IZHAR A K, MARWA K, DECHANG P, et al Enhancing IoT networks protection: a robust security model for attack detection in internet industrial control systems. Ad Hoc Networks, 2022, 134, 102930. doi: 10.1016/j.adhoc.2022.102930
15	Farallon Technology Group. Zero trust manufacturing-how to navigate complex supply chains to build trusted IoT terminals. https://www. keyfactor. com.
16	LI P Y, XIA J Q, WANG Q, et al Secure architecture for industrial edge of things (IEoT): a hierarchical perspective. Computer Networks, 2024, 251, 110641. doi: 10.1016/j.comnet.2024.110641
17	DJAMEL E K, ABDELMADJID B, HICHAM L Internet of things security: a top-down survey. Computer Networks, 2018, 141, 199- 221. doi: 10.1016/j.comnet.2018.03.012
18	FLAUZAC O, GONZALEZ C New security architecture for IoT network. Procedia Computer Science, 2015, 52, 1028- 1033. doi: 10.1016/j.procs.2015.05.099
19	HUANG S, HUANG B Q Cloud manufacturing platform security architecture. Computer Integrated Manufacturing Systems, 2018, 24 (4): 851- 860.
20	WU J X. Endogenous security in the cyberspace: mimic defense and generalized robust control. Beijing: Science Press, 2020. (in Chinese)
21	WANG H Z, LIU J W Current status and key technologies of network endogenous security research. ZTE Technology Journal, 2022, 28 (6): 2- 11.
22	QI X D. Vulnerability. Shanghai: Tongji University Press, 2021. (in Chinese)
23	MUHAMMAD A A, SIDRAH A, YUSSUF H A, et al Verify and trust: a multidimensional survey of zero-trust security in the age of IoT. Internet of Things, 2024, 27, 101227. doi: 10.1016/j.iot.2024.101227
24	MAHREEN S, WARSI M R, SAIFUL I Secure information processing for multimedia forensics using zero-trust security model for large scale data analytics in SaaS cloud computing environment. Journal of Information Security and Applications, 2023, 72, 103389. doi: 10.1016/j.jisa.2022.103389
25	ZHANG J C, ZHENG J, ZHANG Z, et al ATT&CK-based advanced persistent threat attacks risk propagation assessment model for zero trust networks. Computer Networks, 2024, 245, 110376. doi: 10.1016/j.comnet.2024.110376
26	WU Q L, KONG S, HAN F Building a modern security protection architecture for enterprises based on the zero trust concept. Information and Communication Technology, 2021, 15 (6): 26- 31.
27	LUCA F, FEDERICO M, MAURO A, et al Survivable zero trust for cloud computing environments. Computers and Security, 2021, 110, 102419. doi: 10.1016/j.cose.2021.102419
28	BI J, LIN Y Z, DONG Q X, et al Large-scale water quality prediction with integrated deep neural network. Information Sciences, 2021, 571, 191- 205. doi: 10.1016/j.ins.2021.04.057
29	BIN Z, CHENG J S, ZHANG Z H, et al Degradation prediction model for proton exchange membrane fuel cells based on long short-term memory neural network and Savitzky-Golay filter. International Journal of Hydrogen Energy, 2021, 46 (29): 15928- 15937. doi: 10.1016/j.ijhydene.2021.02.069
30	MA B, JIA J, DONG G WAGAN: industrial control sensor data anomaly detection method based on wavelet transform and attention mechanism. Journal of Chinese Computer Systems, 2023, 44 (1): 168- 176.
31	BI J, ZHANG X, YUAN H T, et al A hybrid prediction method for realistic network traffic with temporal convolutional network and LSTM. IEEE Trans. on Automation Science and Engineering, 2022, 19 (3): 1869- 1879. doi: 10.1109/TASE.2021.3077537

Cloud edge integrated security architecture of new cloud manufacturing system

RichHTML

PDF (PC)

Knowledge

Abstract

Cite this article

Share this article

Figures/Tables 7

References 31

Related Articles 0

Recommended Articles

Metrics

Comments