Smart Grid and Internet of Things. 4th EAI International Conference, SGIoT 2020, TaiChung, Taiwan, December 5–6, 2020, Proceedings

Research Article

An Industrial-Grade API Secure Access Gateway in the Cloud-Edge Integration Scenario

Download
273 downloads
  • @INPROCEEDINGS{10.1007/978-3-030-69514-9_6,
        author={Sai Liu and Zhen-Jiang Zhang and Yong Cui and Yang Zhang},
        title={An Industrial-Grade API Secure Access Gateway in the Cloud-Edge Integration Scenario},
        proceedings={Smart Grid and Internet of Things. 4th EAI International Conference, SGIoT 2020, TaiChung, Taiwan, December 5--6, 2020, Proceedings},
        proceedings_a={SGIOT},
        year={2021},
        month={7},
        keywords={Cloud-Edge Integration API Gateway Secure Access Zero Trust Authentication},
        doi={10.1007/978-3-030-69514-9_6}
    }
    
  • Sai Liu
    Zhen-Jiang Zhang
    Yong Cui
    Yang Zhang
    Year: 2021
    An Industrial-Grade API Secure Access Gateway in the Cloud-Edge Integration Scenario
    SGIOT
    Springer
    DOI: 10.1007/978-3-030-69514-9_6
Sai Liu1, Zhen-Jiang Zhang1, Yong Cui2, Yang Zhang1
  • 1: Beijing Jiaotong University
  • 2: Thunisoft Information Technology Co. Ltd.

Abstract

In recent years, the Internet of Things technology has developed rapidly. Due to the large number of devices at the edge, the wide distribution range, and the complex environment, cloud computing and edge computing failed to fully consider security risks at the beginning of the combination, and traditional protection methods can no longer fully meet their security requirements. The establishment of a new cloud-edge integrated security system is of great significance for ensuring the data and privacy of Internet users. This article first investigates the current status of traditional network security and analyzes its inherent shortcomings, and analyzes the organizational structure and main advantages of the zero-trust network. Designed a security certification system that meets the needs of cloud-edge integrated applications. The API security access gateway part of the system is designed and implemented. According to the type of client access request, it is equipped with multiple authentication methods. It also realized the functions of reverse proxy, load balancing, flow control, log audit, analysis and monitoring of microservices, and finally developed a supporting UI management tool based on Vue. This design provides a new set of secure access solutions for clients and microservices, which has produced good industrial benefits. It is of great significance to promote the development and popularization of cloud-edge integration.