Research Article
An Industrial-Grade API Secure Access Gateway in the Cloud-Edge Integration Scenario
@INPROCEEDINGS{10.1007/978-3-030-69514-9_6, author={Sai Liu and Zhen-Jiang Zhang and Yong Cui and Yang Zhang}, title={An Industrial-Grade API Secure Access Gateway in the Cloud-Edge Integration Scenario}, proceedings={Smart Grid and Internet of Things. 4th EAI International Conference, SGIoT 2020, TaiChung, Taiwan, December 5--6, 2020, Proceedings}, proceedings_a={SGIOT}, year={2021}, month={7}, keywords={Cloud-Edge Integration API Gateway Secure Access Zero Trust Authentication}, doi={10.1007/978-3-030-69514-9_6} }
- Sai Liu
Zhen-Jiang Zhang
Yong Cui
Yang Zhang
Year: 2021
An Industrial-Grade API Secure Access Gateway in the Cloud-Edge Integration Scenario
SGIOT
Springer
DOI: 10.1007/978-3-030-69514-9_6
Abstract
In recent years, the Internet of Things technology has developed rapidly. Due to the large number of devices at the edge, the wide distribution range, and the complex environment, cloud computing and edge computing failed to fully consider security risks at the beginning of the combination, and traditional protection methods can no longer fully meet their security requirements. The establishment of a new cloud-edge integrated security system is of great significance for ensuring the data and privacy of Internet users. This article first investigates the current status of traditional network security and analyzes its inherent shortcomings, and analyzes the organizational structure and main advantages of the zero-trust network. Designed a security certification system that meets the needs of cloud-edge integrated applications. The API security access gateway part of the system is designed and implemented. According to the type of client access request, it is equipped with multiple authentication methods. It also realized the functions of reverse proxy, load balancing, flow control, log audit, analysis and monitoring of microservices, and finally developed a supporting UI management tool based on Vue. This design provides a new set of secure access solutions for clients and microservices, which has produced good industrial benefits. It is of great significance to promote the development and popularization of cloud-edge integration.