[go: up one dir, main page]

WO2025232412A1 - Computing information acquisition method and apparatus, and device and medium - Google Patents

Computing information acquisition method and apparatus, and device and medium

Info

Publication number
WO2025232412A1
WO2025232412A1 PCT/CN2025/087030 CN2025087030W WO2025232412A1 WO 2025232412 A1 WO2025232412 A1 WO 2025232412A1 CN 2025087030 W CN2025087030 W CN 2025087030W WO 2025232412 A1 WO2025232412 A1 WO 2025232412A1
Authority
WO
WIPO (PCT)
Prior art keywords
computing
resource
information
computational
security
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
PCT/CN2025/087030
Other languages
French (fr)
Chinese (zh)
Inventor
陆黎
耿慧拯
粟栗
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
Research Institute of China Mobile Communication Co Ltd
Original Assignee
China Mobile Communications Group Co Ltd
Research Institute of China Mobile Communication Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd, Research Institute of China Mobile Communication Co Ltd filed Critical China Mobile Communications Group Co Ltd
Publication of WO2025232412A1 publication Critical patent/WO2025232412A1/en
Pending legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/50Allocation of resources, e.g. of the central processing unit [CPU]
    • G06F9/5005Allocation of resources, e.g. of the central processing unit [CPU] to service a request
    • G06F9/5027Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resource being a machine, e.g. CPUs, Servers, Terminals

Definitions

  • This disclosure relates to the field of cloud computing technology, and in particular to a method, apparatus, device and medium for acquiring computing information.
  • the computing power of the computing resources is usually taken as the main selection criterion, such as the current session concurrency of the computing resources, the comprehensive computing capabilities of the computing resources (such as bandwidth, central processing unit (CPU) etc.), etc., and then the computing resources with the optimal computing power are determined based on certain criteria and selected as the best choice.
  • the main selection criterion such as the current session concurrency of the computing resources, the comprehensive computing capabilities of the computing resources (such as bandwidth, central processing unit (CPU) etc.), etc.
  • the aforementioned method of selecting computing resources based on computing power does not consider the security status of computing resources and is difficult to meet the security requirements of special computing tasks.
  • different computing tasks have different security requirements, such as data confidentiality and verifiability of computation results (to prevent forgery of computation results).
  • the attributes, security protection measures, and available secure computing methods of computing resources typically differ, the degree to which different computing resources and secure computing methods meet the security requirements of computing tasks varies. Therefore, how to adapt appropriate computing resources and computing methods to computing tasks to meet their security requirements has become an urgent problem to be solved.
  • the purpose of this disclosure is to provide a method, apparatus, device, and medium for acquiring computational information, in order to solve the problem that the selection of computing resources for computing tasks in related technologies cannot meet the security requirements of computing tasks.
  • One embodiment of this disclosure provides a method for obtaining computational information, comprising:
  • the target computing resource and target computing method for performing the first computing task are obtained from the at least one computing resource and the corresponding computing method.
  • the computational information acquisition method further includes:
  • the computational information acquisition method further includes one or more of the following:
  • the first indicator information is obtained based on the computation information of historical computation tasks performed using the computing resources within a first preset time range
  • the second indicator information is obtained based on the calculation information of historical calculation tasks performed using the calculation method within the second preset time range.
  • the computational information acquisition method wherein obtaining the security evaluation result of each computational resource corresponding to different computational methods based on the first indicator information and the second indicator information includes:
  • a first security score corresponding to the computing resource is obtained; and based on each second indicator information of the computing resource using one of the calculation methods, a corresponding second security score is obtained.
  • a security evaluation result is obtained for the computing resource corresponding to one of the computing methods.
  • the computational information acquisition method wherein obtaining a first security score corresponding to the computational resource based on each first indicator information of the computational resource includes:
  • the first security score corresponding to the computing resource is obtained.
  • the computational information acquisition method wherein obtaining a corresponding second security score based on each second indicator information of the computational resources using one of the computational methods, includes:
  • the second security score corresponding to the computing resource using one of the calculation methods is obtained.
  • the computational information acquisition method wherein obtaining the security evaluation result of the computational resource corresponding to one of the computational methods based on the first security score and the second security score includes:
  • the first security score and the second security score are weighted to obtain the security evaluation result of the computing resource corresponding to one of the computing methods.
  • the computational information acquisition method wherein obtaining the target computational resources and target computational method for performing the first computational task based on the security evaluation result includes:
  • the target computing resources and target computing method for executing the first computing task are obtained.
  • the resource selection strategy information includes one or more of the following:
  • the computational information acquisition method wherein obtaining the target computational resources and target computational method for executing the first computational task based on the resource selection strategy information of the first computational task and the security evaluation result includes:
  • each candidate resource information includes a computing resource and a corresponding computing method.
  • the resource information corresponding to the highest value of the security evaluation result is selected as the target selection resource information; wherein, the computing resource in the target selection resource information is the target computing resource, and the calculation method in the target selection resource information is the target calculation method.
  • the step of selecting the resource information to be selected corresponding to the highest value of the security evaluation result as the target resource information includes:
  • the resource information with the highest value of the security evaluation result is selected as the target resource information, and the resource information with the second priority as the optimal resource selection factor is selected from the resource information to be selected.
  • the computational information acquisition method further includes one or more of the following:
  • the multiple sets of resource information to be selected are sorted.
  • the resource information to be selected with the highest value of the security evaluation result is sorted.
  • the computational information acquisition method wherein obtaining the target computational resources and target computational method for executing the computational task based on the resource selection strategy information of the first computational task and the security evaluation result includes:
  • the computing resources are sorted according to the numerical order of the first resource selection factor from high to low to obtain the optimal computing resources.
  • the target computing resources and target computing methods for performing the first computing task are determined.
  • the computational information acquisition method wherein determining the target computational resources and target computational method for performing the first computational task based on the security evaluation result corresponding to the optimal computational resources, includes:
  • the resource selection factor with the next highest priority after the first priority is selected as the second resource selection factor.
  • the optimal computing resources obtained in the previous sorting are sorted according to the numerical order of the second resource selection factor from high to low. If the second resource selection factor is a security factor, the optimal computing resources obtained in the previous sorting are combined with the corresponding calculation methods and sorted according to the numerical order of the corresponding security evaluation results from high to low to obtain the optimal candidate resource information.
  • the optimal computing resource in the candidate resource information is selected as the target computing resource, and the computing method in the candidate resource information is selected as the target computing method.
  • One embodiment of this disclosure also provides a computational information acquisition device, comprising:
  • the information acquisition module is used to acquire first indicator information of at least one computing resource, and to acquire second indicator information of the computing method used for each computing resource.
  • the first determining module is used to obtain the security evaluation results of different computing methods corresponding to each computing resource based on the first indicator information and the second indicator information.
  • the second determining module is used to obtain, based on the security evaluation result, the target computing resource and the target computing method used to perform the first computing task from among the at least one computing resource and the corresponding computing method.
  • One embodiment of this disclosure also provides a network device, which includes a processor, a memory, and a program stored in the memory and executable on the processor, wherein the program, when executed by the processor, implements the computational information acquisition method as described in any of the preceding claims.
  • One embodiment of this disclosure also provides a readable storage medium, wherein a program is stored on the readable storage medium, and when the program is executed by a processor, it implements the steps in the computational information acquisition method described in any of the preceding claims.
  • One embodiment of this disclosure also provides a computer program product, which includes computer instructions that, when executed by a processor, implement the steps in the computational information acquisition method described in any of the preceding claims.
  • the computational information acquisition method described in this embodiment comprehensively evaluates computational resources and corresponding computational methods to determine the security evaluation results of different computational methods corresponding to the computational resources. Based on the security evaluation results, it determines the computational resources and computational methods used to perform the computational task, so as to select suitable computational resources and computational methods for the computational task by using appropriate security computational methods, thereby achieving the effect of meeting the security requirements of the computational task.
  • Figure 1 is a flowchart illustrating the information acquisition method according to an embodiment of this disclosure
  • Figure 2 is a schematic diagram of one embodiment of sorting computing resources using the method described in this disclosure
  • Figure 3 is a schematic diagram of another embodiment of sorting computing resources using the method described in the present disclosure.
  • Figure 4 is a schematic diagram of the structure of the computational information acquisition device according to an embodiment of this disclosure.
  • first and second used in this disclosure and in the claims are used to distinguish similar objects and not to describe a specific order or sequence. It should be understood that such terms can be used interchangeably where appropriate so that embodiments of this disclosure can be implemented in orders other than those illustrated or described herein, and the objects distinguished by “first” and “second” are generally of the same class, not limited in number; for example, a first object can be one or more. Furthermore, in the specification and claims, “and/or” indicates at least one of the connected objects, and the character “/” generally indicates that the preceding and following objects are in an “or” relationship.
  • this disclosure provides a method for obtaining computing information.
  • the security evaluation results of different computing methods corresponding to computing resources are determined.
  • the computing resources and computing methods used to execute the computing task are determined, so that suitable computing resources and computing methods can be selected for the computing task using appropriate secure computing methods, thereby achieving the effect of meeting the security requirements of the computing task.
  • One embodiment of this disclosure provides a method for obtaining computational information, as shown in Figure 1, including:
  • the computing task mentioned is any computing task and does not specifically refer to one of the computing tasks.
  • the computational information acquisition method described in this embodiment combines the first indicator information of at least one computational resource with the second indicator information of the computational method used by each computational resource to determine the security evaluation result of each computational resource corresponding to different computational methods. Based on the security evaluation result, the target computational resource and target computational method for executing the first computational task are determined. In this way, the computational resources and the computational methods they provide are comprehensively evaluated, and a security evaluation result is obtained, so as to determine the target computational resource and target computational method corresponding to executing the computational task from the perspective of meeting the security requirements of the computational task.
  • the method further includes one or more of the following:
  • the first indicator information is obtained based on the computation information of historical computation tasks performed using the computing resources within a first preset time range
  • the second indicator information is obtained based on the calculation information of historical calculation tasks performed using the calculation method within the second preset time range.
  • the method may optionally include:
  • the first indicator information is obtained based on the first pre-configuration information
  • the second indicator information is obtained based on the second pre-configuration information.
  • the first indicator information of computational resources and the second indicator information of computational methods can be obtained through information collection and/or pre-configuration information.
  • the first indicator information of the computing resources can be obtained by statistically analyzing the computing information of historical computing tasks performed using the computing resources within a first preset time range, and the other part of the first indicator information can be obtained by first pre-configuration information;
  • the second indicator information of the computing method can be obtained by statistically analyzing the computing information of historical computing tasks performed using the computing method within a second preset time range, and the other part of the second indicator information can be obtained by second pre-configuration information.
  • the first indicator information includes credibility indicator information and/or security capability indicator information; and/or
  • the second indicator information includes one or more of the following: confidentiality indicator information, verifiability indicator information, computation latency, and computation accuracy.
  • the first indicator information includes trustworthiness indicator information and/or security capability indicator information.
  • the trustworthiness indicator information of the computing resource represents the success rate of the computing resource executing historical computing tasks, and can be obtained by statistically analyzing the computing information of historical computing tasks executed by the computing resource within a first preset period T1 or a first preset time range.
  • this computing information includes, but is not limited to, the number of historical computing tasks executed and/or the number of successful historical computing tasks.
  • the trustworthiness indicator information can be obtained by comparing the number of successful historical computing tasks executed within the first preset period T1 or the first preset time range with the total number of historical computing tasks executed.
  • the higher the value of the trustworthiness indicator information the higher the trustworthiness of the computing resource.
  • the credibility index information is formed as a dynamic evaluation index for security evaluation of computing resources.
  • the calculation results of historical computing tasks can be obtained, and the credibility index information of each computing resource can be obtained.
  • the security capability index information of the computing resources can be obtained based on the first pre-configuration information, that is, it can be obtained through pre-configuration, such as through the first pre-configuration information.
  • This security capability index information can be a security capability level certificate issued by an authorized institution.
  • the second indicator information includes one or more of the following: confidentiality indicator information, verifiability indicator information, computation latency, and computation accuracy.
  • Confidentiality indicator information and verifiability indicator information can be referred to as security-related indicators in the second indicator information, while computation latency and computation accuracy can be referred to as non-security-related indicators in the second indicator information.
  • the confidentiality and verifiability metrics can be obtained through pre-configuration, such as through second pre-configured information.
  • the confidentiality metrics represent the degree of data confidentiality achievable by the computation method; optionally, a higher value for the confidentiality metrics indicates a higher degree of data confidentiality.
  • the verifiability metrics represent the degree of support the computation method provides for computational verification, which can be one or more of the following: no verification supported, verification supported, and conditional verification supported.
  • different values for the verifiability metrics represent different levels of support.
  • the computation latency can be obtained by statistically analyzing computation information of historical computation tasks executed using a computation method within a second preset period T2 or a second preset time range.
  • this computation information includes, but is not limited to, one or more of the following: the type of computation task, the amount of data, the completion time, whether a computation method was used, and the type of computation method used.
  • the computation latency of the computation method can be calculated and determined; similarly, the computation latency of each computation method can be obtained using the same method.
  • the computation latency can be the average computation latency when using the computation method to execute specific historical computation information.
  • the calculation accuracy can be obtained based on the second pre-configuration information, i.e., through a preset method.
  • This calculation accuracy can be expressed as the accuracy of the calculation method.
  • the security evaluation results for each computational resource corresponding to different computational methods can be obtained according to the first indicator information of the computational resource and the second indicator information of each corresponding computational method.
  • the security capability index information of the computing resource and one or more of the confidentiality index information, verifiability index information, and computing accuracy information of the corresponding computing method are obtained through a preset method; by extracting information and performing data analysis, the credibility index information of the computing resource and the computing latency of the corresponding computing method are obtained.
  • the first indicator information of computing resources and the second indicator information of computing methods can be shown in Table 1 below:
  • the credibility index information is located between (0, n), and the larger the value of the credibility index information, the higher the credibility of the computing resource;
  • the security capability index information is located between [0, n], and the larger the value of the security capability index information, the higher the security capability level of the computing resource;
  • the confidentiality index information is located between [0, n], and the larger the value of the confidentiality index information, the higher the confidentiality level of the confidentiality index of the calculation method;
  • the verifiability index information is located between [0, n], and different types of verifiability correspond to different values;
  • the computation latency is located between (0, n), and the larger the value of the computation latency, the larger the average latency of the computation task executed by the computation method;
  • the computation accuracy is located between (0, n), and the larger the value of the computation accuracy, the higher the accuracy of the computation task executed by the computation method.
  • the computational information acquisition method described in this disclosure further includes:
  • the requirements of the first computing task can be referred to as the indicator requirements of the first computing task, which may include requirements for computing indicators and/or requirements for security indicators.
  • the requirements of the first computing task include, but are not limited to, only the first indicator information and/or the second indicator information.
  • the requirements for computing indicators include computing latency and/or computing accuracy
  • the requirements for security indicators include reliability requirements, security capability requirements, confidentiality requirements and/or verifiability requirements.
  • computing resources and corresponding computing methods when there are specific requirements for performing the first computing task, by analyzing the computing index information of multiple computing resources and corresponding different computing methods used to perform historical computing tasks, computing resources and corresponding computing methods whose computing index information meets the requirements of the first computing task are selected. These are then used as the computing resources and computing methods for further screening and determining the target computing resources and target computing methods for performing the first computing task.
  • the target computing resources and target computing methods determined based on the security evaluation results calculated by each computing resource and corresponding to different computing methods can meet the requirements for performing the first computing task.
  • step S120 obtaining the security evaluation result of each computing resource corresponding to different computing methods based on the first indicator information and the second indicator information includes:
  • a first security score corresponding to the computing resource is obtained; and based on each second indicator information of the computing resource using one of the calculation methods, a corresponding second security score is obtained.
  • a security evaluation result is obtained for the computing resource corresponding to one of the computing methods.
  • obtaining a first security score corresponding to the computing resource based on each first indicator information of the computing resource includes:
  • the first security score corresponding to the computing resource is obtained.
  • a corresponding second security score is obtained, including:
  • the second security score corresponding to the computing resource using one of the calculation methods is obtained.
  • each of the first indicator information of one computing resource can be mapped to the corresponding first security indicator value through a mapping method, and each of the second indicator information of one computing method used by one of the computing resources can be mapped to the corresponding second security indicator value.
  • a first security score corresponding to one of the computing resources is determined based on each of the first security index values, and a second security score corresponding to one of the computing methods is determined based on each of the second security index values.
  • the first indicator information includes credibility indicator information and security capability indicator information, as shown in Table 1, for each computing resource, according to the first indicator information corresponding to the obtained computing resource, the corresponding first indicator information is mapped to a numerical value (that is, the first security indicator value), and normalization is performed, that is, as shown in Table 1, each first security indicator value is mapped to a value within (0, n).
  • the second indicator information includes one or more of the following: confidentiality indicator information, verifiability indicator information, computation latency, and computation accuracy, as shown in Table 1, for each computation method corresponding to each computation resource, the corresponding second indicator information is mapped to a numerical value (i.e., the second security indicator value) based on the obtained second indicator information corresponding to the corresponding computation method, and then normalized. That is, as shown in Table 1, each second security indicator value is mapped to a value within (0, n).
  • a second security score corresponding to the corresponding calculation method can be calculated based on the weights corresponding to different second index information.
  • the calculation method for the second security score can be the same as that for the first security score, and will not be repeated here.
  • the computational information acquisition method described in this embodiment of the present disclosure after obtaining a first security score of one of the computational resources and a second security score corresponding to one of the computational methods of the computational resource, optionally obtains a security evaluation value of the computational resource corresponding to the computational method by performing a weighted operation on the first security score and the second security score.
  • the way to determine the security evaluation value of computing resource i and the corresponding calculation method j is p*Si+q*S ij ; where Si is the first security score of the computing resource, and S ij is the second security score corresponding to one of the calculation methods j of the computing resource i.
  • the security evaluation values of different computing methods corresponding to different computing resources determined by the above method can be shown in Table 2 below:
  • step S130 obtaining the target computing resources and target computing method for performing the first computing task based on the security evaluation result includes:
  • the target computing resources and target computing method for executing the first computing task are obtained.
  • the resource selection strategy information includes one or more of the following:
  • the resource selection factors may optionally include, but are not limited to, one or more of security factors, computing power factors, and distance factors.
  • the computational information acquisition method described in this embodiment determines the target computational resources and target computational methods for executing the first computational task based on the security evaluation results and the resource selection strategy information of the first computational task. This incorporates the security computational method into the determination of the target computational resources and target computational methods of the first computational task, and integrates multiple factors of resource selection strategy to help achieve a more reasonable way of selecting computational resources and security computational methods.
  • step S130 based on the resource selection strategy information of the first computing task and the security evaluation result, a target computing resource and a target computing method for performing the first computing task are obtained, including:
  • each candidate resource information includes a computing resource and a corresponding computing method.
  • the resource information corresponding to the highest value of the security evaluation result is selected as the target selection resource information; wherein, the computing resource in the target selection resource information is the target computing resource, and the calculation method in the target selection resource information is the target calculation method.
  • the parameter thresholds in the resource selection factors include one or more of the following:
  • the first security threshold corresponding to the first security score of the computational resource
  • the second security threshold corresponding to the calculation method for the second security score
  • the computing power threshold corresponding to the computing power value factor
  • Distance threshold corresponding to distance factor
  • the resource selection strategy information of the first computing task includes parameter thresholds
  • computing resources and corresponding computing methods that meet the corresponding parameter thresholds for the corresponding resource selection factors are selected as the resource information to be selected, as the target computing resources and target computing methods for further determining the target computing resources and target computing methods for executing the first computing task.
  • the parameter threshold may include one or more of a first security threshold, a second security threshold, and a third security threshold.
  • the first security threshold, the second security threshold, and the third security threshold are included, the computing resources and corresponding computing methods that have a first security score greater than the first security threshold, a second security score greater than the second security threshold, and a security evaluation result greater than the third security threshold are selected as the resource information to be selected.
  • the resource information to be selected is formed as a combination including a computing resource and a computing method.
  • multiple computing resources and corresponding computing methods are filtered or screened through parameter thresholds in the resource selection factors to obtain multiple resource information to be selected, which is used to determine the target computing resource and target computing method for performing the first computing task.
  • the computing resources that meet the parameter thresholds and the corresponding computing methods mentioned are, that is, the parameter values of the corresponding resource selection factors determined based on the computing resources and the corresponding computing methods are greater than the corresponding parameter thresholds.
  • the priority can be configured to have different priority levels for security factors, computing power factors, and distance factors, such as configuring security factors as the first priority and computing power factors as the second priority, etc., and is not limited to this.
  • the method further includes one or more of the following:
  • the multiple sets of candidate resource information are sorted.
  • the resource information to be selected with the highest value of the security evaluation result is sorted.
  • the candidate resource information of the at least two groups is sorted according to the performance value of the resource selection factor with the second priority from high to low.
  • a secure computing method is introduced during the selection of target computing resources and target computing methods for the first computing task, and computing resources can support a variety of different computing methods, various security effects can be produced when a specific computing resource is combined with each secure computing method.
  • Computing resources that originally did not meet security conditions may meet security conditions after being combined with computing methods. Therefore, in this embodiment of the disclosure, the process of selecting computing resources with various inherent attributes (such as bandwidth, routing, and computing power) is changed to a process of selecting candidate resource information that includes a combination of computing resources (carrying inherent attributes) and computing methods.
  • the candidate resource information is selected, so that the selected target computing resources and target computing methods for executing the first computing task are more in line with the security requirements of the first computing task.
  • the resource selection process includes the following steps:
  • the multiple candidate resource information includes multiple computing resources and multiple computing methods, such as resource1+method1, resource1+method4, resource1+method3, ..., resource x+method2, etc. Based on the security evaluation results calculated in the above manner, multiple combinations of computing resources and computing methods can be sorted from high to low.
  • the candidate resource information is sorted according to the performance value of the resource selection factor with the second priority, from highest to lowest.
  • the combination of computing resources and computing methods of at least two groups with the highest security evaluation results is sorted according to the resource selection factor with the second priority.
  • the resource selection factor with the second priority can be the computing power factor; for the combination of computing resources and computing methods of at least two groups with the highest security evaluation values, the sorting can continue to be based on the computing power factor from highest to lowest.
  • the candidate resource information of the at least two groups of candidates with the highest performance value corresponding to the resource selection factor of the second priority is sorted again according to the order of the performance values of the resource selection factor of the third priority from high to low. This process is repeated until all factors with set priorities are sorted.
  • the combination of calculation resources and calculation methods with the highest security evaluation result and whose priorities of other resource selection factors meet the priorities set in the resource selection strategy information is selected as the target selection resource information.
  • selecting the resource information to be selected corresponding to the highest value of the security evaluation result as the target resource information includes:
  • the resource information with the highest value of the security evaluation result is selected as the target resource information, and the resource information with the second priority as the optimal resource selection factor is selected from the resource information to be selected.
  • the resource selection factor with the second priority is determined according to the priority of the resource selection factor.
  • the candidate resource information with the highest performance value corresponding to the second priority resource selection factor is the target selection resource information.
  • step S130 based on the resource selection strategy information of the first computing task and the security evaluation result, the target computing resources and target computing method for performing the computing task are obtained, including:
  • the computing resources are sorted according to the numerical order of the first resource selection factor from high to low to obtain the optimal computing resources.
  • the target computing resources and target computing methods for performing the first computing task are determined.
  • the target computing resources and target computing method for performing the first computing task are determined, including:
  • the resource selection factor with the next highest priority after the first priority is selected as the second resource selection factor.
  • the optimal computing resources obtained in the previous sorting are sorted according to the numerical order of the second resource selection factor from high to low. If the second resource selection factor is a security factor, the optimal computing resources obtained in the previous sorting are combined with the corresponding calculation methods and sorted according to the numerical order of the corresponding security evaluation results from high to low to obtain the optimal candidate resource information.
  • the optimal computing resource in the candidate resource information is selected as the target computing resource, and the computing method in the candidate resource information is selected as the target computing method.
  • the resource selection process includes the following steps:
  • the at least two computing resources with the highest performance value corresponding to the first resource selection factor are sorted.
  • the computing resources obtained in the previous sorting are sorted according to the numerical order of the second resource selection factor from high to low.
  • the second resource selection factor is a security factor
  • the at least two computing resources obtained in the previous sorting and the corresponding computing methods are sorted according to the numerical order of the corresponding security evaluation results from high to low.
  • at least two computing resources in the highest ranking are sorted according to the next highest priority.
  • at least two computing resources in the highest ranking are sorted by a combination of computing resources and computing methods, that is, the resource sorting is extended to a sorting of a combination of computing resources and computing methods.
  • the sorting can continue based on the next priority resource selection factor. This process continues until all priority resource selection factors have been sorted. The combination of computing resources and computing methods in the optimal position is then selected as the corresponding target computing resources and target computing methods for executing the first computing task.
  • the computational information acquisition method described in this disclosure incorporates secure computational methods into the selection of computational resources and designs a comprehensive multi-factor computational resource decision-making strategy, which can help users make more reasonable selections of computational resources and secure computational methods.
  • One embodiment of this disclosure also provides a computational information acquisition device, as shown in FIG4, the device comprising:
  • the information acquisition module 410 is used to acquire first indicator information of at least one computing resource and second indicator information of the computing method used for each computing resource.
  • the first determining module 420 is used to obtain the security evaluation results of different computing methods corresponding to each computing resource based on the first indicator information and the second indicator information.
  • the second determining module 430 is used to obtain, based on the security evaluation result, the target computing resource and the target computing method used to perform the first computing task among the at least one computing resource and the corresponding computing method.
  • the computational information acquisition device described in this embodiment comprehensively evaluates computational resources and corresponding computational methods to determine the security evaluation results of different computational methods corresponding to the computational resources. Based on the security evaluation results, it determines the computational resources and computational methods used to perform computational tasks, so as to select suitable computational resources and computational methods for computational tasks using appropriate security computational methods, thereby achieving the effect of meeting the security requirements of computational tasks.
  • the second determining module 430 is further configured to:
  • the information acquisition module 410 is further configured to perform one or more of the following:
  • the first indicator information is obtained based on the computation information of historical computation tasks performed using the computing resources within a first preset time range
  • the second indicator information is obtained based on the calculation information of historical calculation tasks performed using the calculation method within the second preset time range.
  • the first indicator information includes trustworthiness indicator information and/or security capability indicator information; and/or
  • the second indicator information includes one or more of the following: confidentiality indicator information, verifiability indicator information, computation latency, and computation accuracy.
  • the first determining module 420 obtains a security evaluation result for each computational resource corresponding to a different computational method based on the first indicator information and the second indicator information, including:
  • a first security score corresponding to the computing resource is obtained; and based on each second indicator information of the computing resource using one of the calculation methods, a corresponding second security score is obtained.
  • a security evaluation result is obtained for the computing resource corresponding to one of the computing methods.
  • the first determining module 420 obtains a first security score corresponding to the computational resource based on each first indicator information of the computational resource, including:
  • the first security score corresponding to the computing resource is obtained.
  • the first determining module 420 obtains a corresponding second security score based on each second indicator information of the computational resource using one of the computational methods, including:
  • the second security score corresponding to the computing resource using one of the calculation methods is obtained.
  • the first determining module 420 obtains a security evaluation result of the computational resource corresponding to one of the computational methods based on the first security score and the second security score, including:
  • the first security score and the second security score are weighted to obtain the security evaluation result of the computing resource corresponding to one of the computing methods.
  • the second determining module 430 obtains the target computational resources and target computational method for performing the first computational task based on the security evaluation result, including:
  • the target computing resources and target computing method for executing the first computing task are obtained.
  • the resource selection strategy information includes one or more of the following:
  • the second determining module 430 obtains the target computational resources and target computational method for executing the first computational task based on the resource selection strategy information of the first computational task and the security evaluation result, including:
  • each candidate resource information includes a computing resource and a corresponding computing method.
  • the resource information corresponding to the highest value of the security evaluation result is selected as the target selection resource information; wherein, the computing resource in the target selection resource information is the target computing resource, and the calculation method in the target selection resource information is the target calculation method.
  • the second determining module 430 selects the resource information to be selected corresponding to the highest value of the security evaluation result as the target resource information, including:
  • the resource information with the highest value of the security evaluation result is selected as the target resource information, and the resource information with the second priority as the optimal resource selection factor is selected from the resource information to be selected.
  • the second determining module 430 is further configured to perform one or more of the following:
  • the multiple sets of resource information to be selected are sorted.
  • the resource information to be selected with the highest value of the security evaluation result is sorted.
  • the second determining module 430 obtains the target computational resources and target computational method for performing the computational task based on the resource selection strategy information of the first computational task and the security evaluation result, including:
  • the computing resources are sorted according to the numerical order of the first resource selection factor from high to low to obtain the optimal computing resources.
  • the target computing resources and target computing methods for performing the first computing task are determined.
  • the second determining module 430 determines the target computational resources and target computational method for performing the first computational task based on the security evaluation result corresponding to the optimal computational resources, including:
  • the resource selection factor with the next highest priority after the first priority is selected as the second resource selection factor.
  • the optimal computing resources obtained in the previous sorting are sorted according to the numerical order of the second resource selection factor from high to low. If the second resource selection factor is a security factor, the optimal computing resources obtained in the previous sorting are combined with the corresponding calculation methods and sorted according to the numerical order of the corresponding security evaluation results from high to low to obtain the optimal candidate resource information.
  • the optimal computing resource in the candidate resource information is selected as the target computing resource, and the computing method in the candidate resource information is selected as the target computing method.
  • One embodiment of this disclosure also provides a network device, including a processor, a memory, and a program stored in the memory and executable on the processor, wherein the program, when executed by the processor, implements the computational information acquisition method as described in any of the preceding claims.
  • the readable storage medium is applied to the aforementioned network device.
  • the execution steps in the corresponding computational information acquisition method are described in detail above and will not be repeated here.
  • Another embodiment of this disclosure also provides a computer program product, which includes computer instructions that, when executed by a processor, implement the steps of the computational information acquisition method as described above.
  • embodiments of this disclosure may take the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to disk storage, compact disc read-only memory (CD-ROM), optical storage, etc.) containing computer-usable program code.
  • computer-usable storage media including but not limited to disk storage, compact disc read-only memory (CD-ROM), optical storage, etc.
  • the computer program product described in this disclosure includes computer instructions that, when executed by a processor, implement the various processes of the computational information acquisition method embodiment shown above, and can achieve the same technical effect. To avoid repetition, these will not be repeated here.
  • the disclosed methods and apparatus can be implemented in other ways.
  • the apparatus embodiments described above are merely illustrative.
  • the division of units is only a logical functional division, and in actual implementation, there may be other division methods.
  • multiple units or components may be combined or integrated into another system, or some features may be ignored or not executed.
  • the coupling or direct coupling or communication connection shown or discussed may be through some interfaces, or indirect coupling or communication connection between devices or units, and may be electrical, mechanical, or other forms.
  • the functional units in the various embodiments of this disclosure can be integrated into one processing unit, or each unit can be physically comprised separately, or two or more units can be integrated into one unit.
  • the integrated unit can be implemented in hardware or in the form of hardware plus software functional units.
  • the integrated units implemented as software functional units described above can be stored in a computer-readable storage medium.
  • These software functional units, stored in a storage medium include several instructions that cause a computer device (which may be a personal computer, server, or network device, etc.) to execute some steps of the transmission and reception methods described in the various embodiments of this disclosure.
  • the aforementioned storage medium includes various media capable of storing program code, such as USB flash drives, portable hard drives, read-only memory (ROM), random access memory (RAM), magnetic disks, or optical disks.

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Storage Device Security (AREA)

Abstract

Provided in the present disclosure are a computing information acquisition method and apparatus, and a device and a medium, which are applied to the technical field of cloud computing. The method comprises: acquiring first indicator information of at least one computing resource, and acquiring second indicator information of a computing method used corresponding to each computing resource; on the basis of the first indicator information and the second indicator information, obtaining security evaluation results of each computing resource that correspond to different computing methods; and on the basis of the security evaluation results, obtaining a target computing resource and a target computing method, which are used for executing a first computing task, among the at least one computing resource and the corresponding computing methods.

Description

计算信息获取方法、装置、设备及介质Computational information acquisition methods, devices, equipment and media

相关申请的交叉引用Cross-reference to related applications

本申请主张在2024年05月08日在中国提交的中国专利申请No.202410562039.6的优先权,其全部内容通过引用包含于此。This application claims priority to Chinese Patent Application No. 202410562039.6, filed in China on May 8, 2024, the entire contents of which are incorporated herein by reference.

技术领域Technical Field

本公开涉及云计算技术领域,尤其是指一种计算信息获取方法、装置、设备及介质。This disclosure relates to the field of cloud computing technology, and in particular to a method, apparatus, device and medium for acquiring computing information.

背景技术Background Technology

相关技术中为外包计算任务选择目标计算资源(计算节点)的方案中,通常将计算资源的算力情况作为主要选择依据,如计算资源的当前会话并发数、计算资源的综合计算能力(如带宽、中央处理器(Central Processing Unit,CPU)等)等,然后基于一定的准则判定算力情况最优的计算资源,并将该计算资源作为最佳的选择。In related technologies, when selecting target computing resources (computing nodes) for outsourced computing tasks, the computing power of the computing resources is usually taken as the main selection criterion, such as the current session concurrency of the computing resources, the comprehensive computing capabilities of the computing resources (such as bandwidth, central processing unit (CPU) etc.), etc., and then the computing resources with the optimal computing power are determined based on certain criteria and selected as the best choice.

然而,上述基于计算资源算力情况进行计算资源选择的方式,未考虑计算资源的安全状态,难以满足特殊计算任务的安全需求。根据计算任务的业务数据类型、计算类型、应用场景等特点,不同的计算任务有不同的数据机密性、计算结果可验证(防止计算结果伪造)等安全需求。而通常计算资源的属性、安全防护措施、能够提供的安全计算方法存在差异,因此不同计算资源及安全计算方法对于计算任务安全需求的满足程度并不相同,如何为计算任务适配合适的计算资源和计算方法,以满足计算任务的安全需求成为目前亟需解决的问题。However, the aforementioned method of selecting computing resources based on computing power does not consider the security status of computing resources and is difficult to meet the security requirements of special computing tasks. Depending on the business data type, computation type, and application scenario of the computing task, different computing tasks have different security requirements, such as data confidentiality and verifiability of computation results (to prevent forgery of computation results). Since the attributes, security protection measures, and available secure computing methods of computing resources typically differ, the degree to which different computing resources and secure computing methods meet the security requirements of computing tasks varies. Therefore, how to adapt appropriate computing resources and computing methods to computing tasks to meet their security requirements has become an urgent problem to be solved.

发明内容Summary of the Invention

本公开实施例的目的是提供一种计算信息获取方法、装置、设备及介质,用于解决相关技术中,计算任务的计算资源选择方式,无法满足计算任务的安全需求的问题。The purpose of this disclosure is to provide a method, apparatus, device, and medium for acquiring computational information, in order to solve the problem that the selection of computing resources for computing tasks in related technologies cannot meet the security requirements of computing tasks.

本公开其中一实施例提供一种计算信息获取方法,其中,包括:One embodiment of this disclosure provides a method for obtaining computational information, comprising:

获取至少一计算资源的第一指标信息,以及获取对应每一所述计算资源采用的计算方法的第二指标信息;Obtain first indicator information of at least one computing resource, and obtain second indicator information of the computing method used for each computing resource;

根据所述第一指标信息和所述第二指标信息,获得每一所述计算资源对应不同所述计算方法的安全评价结果;Based on the first indicator information and the second indicator information, obtain the security evaluation results of each computing resource corresponding to different computing methods;

根据所述安全评价结果,获得所述至少一计算资源和对应的所述计算方法中,用于执行第一计算任务的目标计算资源和目标计算方法。Based on the security evaluation results, the target computing resource and target computing method for performing the first computing task are obtained from the at least one computing resource and the corresponding computing method.

可选地,所述的计算信息获取方法,其中,所述方法还包括:Optionally, the computational information acquisition method further includes:

根据所述第一指标信息和/或所述第二指标信息,获得所述至少一计算资源和对应的计算方法中,符合所述第一计算任务的要求的计算资源和对应的计算方法,用于确定所述目标计算资源和所述目标计算方法。Based on the first indicator information and/or the second indicator information, obtain the computing resources and corresponding computing methods that meet the requirements of the first computing task from among the at least one computing resource and the corresponding computing method, and use them to determine the target computing resources and the target computing method.

可选地,所述的计算信息获取方法,其中,所述方法还包括以下的一项或多项:Optionally, the computational information acquisition method further includes one or more of the following:

根据第一预设时间范围内采用所述计算资源执行历史计算任务的计算信息,获得所述第一指标信息;The first indicator information is obtained based on the computation information of historical computation tasks performed using the computing resources within a first preset time range;

根据第二预设时间范围内采用所述计算方法执行历史计算任务的计算信息,获得所述第二指标信息。The second indicator information is obtained based on the calculation information of historical calculation tasks performed using the calculation method within the second preset time range.

可选地,所述的计算信息获取方法,其中,根据所述第一指标信息和所述第二指标信息,获得每一所述计算资源对应不同所述计算方法的安全评价结果,包括:Optionally, the computational information acquisition method, wherein obtaining the security evaluation result of each computational resource corresponding to different computational methods based on the first indicator information and the second indicator information includes:

根据所述计算资源的每一第一指标信息,获得所述计算资源对应的第一安全分值;以及,根据所述计算资源采用其中一个计算方法的每一第二指标信息,获得对应的第二安全分值;Based on each first indicator information of the computing resource, a first security score corresponding to the computing resource is obtained; and based on each second indicator information of the computing resource using one of the calculation methods, a corresponding second security score is obtained.

根据所述第一安全分值和所述第二安全分值,获得所述计算资源对应所述其中一个计算方法的安全评价结果。Based on the first security score and the second security score, a security evaluation result is obtained for the computing resource corresponding to one of the computing methods.

可选地,所述的计算信息获取方法,其中,根据所述计算资源的每一第一指标信息,获得所述计算资源对应的第一安全分值,包括:Optionally, the computational information acquisition method, wherein obtaining a first security score corresponding to the computational resource based on each first indicator information of the computational resource includes:

获得每一所述第一指标信息分别对应的第一安全指标值;Obtain the first security indicator value corresponding to each of the first indicator information;

根据每一所述第一安全指标值,获得所述计算资源对应的所述第一安全分值。Based on each of the first security index values, the first security score corresponding to the computing resource is obtained.

可选地,所述的计算信息获取方法,其中,根据所述计算资源采用其中一个计算方法的每一第二指标信息,获得对应的第二安全分值,包括:Optionally, the computational information acquisition method, wherein obtaining a corresponding second security score based on each second indicator information of the computational resources using one of the computational methods, includes:

获得每一所述第二指标信息分别对应的第二安全指标值;Obtain the second security indicator value corresponding to each of the second indicator information;

根据每一所述第二安全指标值,获得所述计算资源采用所述其中一个计算方法所对应的所述第二安全分值。Based on each of the second security index values, the second security score corresponding to the computing resource using one of the calculation methods is obtained.

可选地,所述的计算信息获取方法,其中,根据所述第一安全分值和所述第二安全分值,获得所述计算资源对应所述其中一个计算方法的安全评价结果,包括:Optionally, the computational information acquisition method, wherein obtaining the security evaluation result of the computational resource corresponding to one of the computational methods based on the first security score and the second security score includes:

将所述第一安全分值和所述第二安全分值进行加权操作,获得所述计算资源对应所述其中一个计算方法的安全评价结果。The first security score and the second security score are weighted to obtain the security evaluation result of the computing resource corresponding to one of the computing methods.

可选地,所述的计算信息获取方法,其中,根据所述安全评价结果,获得用于执行第一计算任务的目标计算资源和目标计算方法,包括:Optionally, the computational information acquisition method, wherein obtaining the target computational resources and target computational method for performing the first computational task based on the security evaluation result includes:

根据所述第一计算任务的资源选择策略信息和所述安全评价结果,获得用于执行所述第一计算任务的目标计算资源和目标计算方法;Based on the resource selection strategy information of the first computing task and the security evaluation result, the target computing resources and target computing method for executing the first computing task are obtained.

其中,所述资源选择策略信息包括以下的一项或多项:The resource selection strategy information includes one or more of the following:

资源选择因素;Resource selection factors;

资源选择因素的优先级;Prioritization of resource selection factors;

资源选择因素中的参数阈值。Threshold parameters in resource selection factors.

可选地,所述的计算信息获取方法,其中,根据所述第一计算任务的资源选择策略信息和所述安全评价结果,获得用于执行所述第一计算任务的目标计算资源和目标计算方法,包括:Optionally, the computational information acquisition method, wherein obtaining the target computational resources and target computational method for executing the first computational task based on the resource selection strategy information of the first computational task and the security evaluation result includes:

根据所述资源选择因素中的参数阈值,选择相应的资源选择因素符合所述参数阈值的所述计算资源和对应的所述计算方法为待选择资源信息;其中,每一待选择资源信息分别包括一个计算资源和对应的一个计算方法;Based on the parameter thresholds in the resource selection factors, the computing resources and corresponding computing methods that meet the parameter thresholds of the corresponding resource selection factors are selected as candidate resource information; wherein, each candidate resource information includes a computing resource and a corresponding computing method.

在所述资源选择因素中安全性因素的优先级为第一优先级的情况下,选择所述安全评价结果的数值最高所对应的所述待选择资源信息为目标选择资源信息;其中,所述目标选择资源信息中的计算资源为所述目标计算资源,所述目标选择资源信息中的计算方法为所述目标计算方法。When the security factor has the highest priority among the resource selection factors, the resource information corresponding to the highest value of the security evaluation result is selected as the target selection resource information; wherein, the computing resource in the target selection resource information is the target computing resource, and the calculation method in the target selection resource information is the target calculation method.

可选地,所述的计算信息获取方法,其中,所述选择所述安全评价结果的数值最高所对应的所述待选择资源信息为目标选择资源信息,包括:Optionally, in the method for obtaining computational information, the step of selecting the resource information to be selected corresponding to the highest value of the security evaluation result as the target resource information includes:

根据所述资源选择因素的优先级,确定第二优先级的所述资源选择因素;Based on the priority of the resource selection factors, determine the resource selection factors with the second priority;

选择所述安全评价结果的数值最高所对应的所述待选择资源信息中,相对应的第二优先级的所述资源选择因素为最优的所述待选择资源信息为所述目标选择资源信息。The resource information with the highest value of the security evaluation result is selected as the target resource information, and the resource information with the second priority as the optimal resource selection factor is selected from the resource information to be selected.

可选地,所述的计算信息获取方法,其中,所述方法还包括以下的一项或多项:Optionally, the computational information acquisition method further includes one or more of the following:

依据所述待选择资源信息所对应的安全评价结果的数值由高至低的排列顺序,对多组所述待选择资源信息进行排序;Based on the numerical order of the security evaluation results corresponding to the resource information to be selected, from high to low, the multiple sets of resource information to be selected are sorted.

依据为第二优先级的所述资源选择因素所对应的数值由高至低的排列顺序,对所述安全评价结果的数值最高的所述待选择资源信息进行排序。Based on the numerical order of the resource selection factors with the second priority from high to low, the resource information to be selected with the highest value of the security evaluation result is sorted.

可选地,所述的计算信息获取方法,其中,根据所述第一计算任务的资源选择策略信息和所述安全评价结果,获得用于执行所述计算任务的目标计算资源和目标计算方法,包括:Optionally, the computational information acquisition method, wherein obtaining the target computational resources and target computational method for executing the computational task based on the resource selection strategy information of the first computational task and the security evaluation result includes:

在根据所述资源选择因素的优先级,确定所述资源选择因素中的第一资源选择因素的优先级为第一优先级,且所述第一资源选择因素并非为安全性因素的情况下,依据所述第一资源选择因素所对应的数值由高至低的排列顺序,对所述计算资源进行排序,获得最优的所述计算资源;If the priority of the first resource selection factor is determined to be the first priority based on the priority of the resource selection factors, and the first resource selection factor is not a security factor, the computing resources are sorted according to the numerical order of the first resource selection factor from high to low to obtain the optimal computing resources.

根据最优的所述计算资源所对应的安全评价结果,确定用于执行所述第一计算任务的目标计算资源和目标计算方法。Based on the security evaluation results corresponding to the optimal computing resources, the target computing resources and target computing methods for performing the first computing task are determined.

可选地,所述的计算信息获取方法,其中,根据最优的所述计算资源所对应的安全评价结果,确定用于执行所述第一计算任务的目标计算资源和目标计算方法,包括:Optionally, the computational information acquisition method, wherein determining the target computational resources and target computational method for performing the first computational task based on the security evaluation result corresponding to the optimal computational resources, includes:

根据所述资源选择因素的优先级,依次将所述第一优先级之后的下一个优先级的资源选择因素作为第二资源选择因素;Based on the priority of the resource selection factors, the resource selection factor with the next highest priority after the first priority is selected as the second resource selection factor.

在所述第二资源选择因素并非为安全性因素的情况下,依据所述第二资源选择因素所对应的数值由高至低的排序顺序,对上次排序所获得的最优的所述计算资源进行排序;在所述第二资源选择因素为安全性因素的情况下,依据相对应的所述安全评价结果的数值由高至低的排列顺序,将上次排序所获得的最优的所述计算资源分别和对应的计算方法相组合后进行排序,获得最优的待选择资源信息;If the second resource selection factor is not a security factor, the optimal computing resources obtained in the previous sorting are sorted according to the numerical order of the second resource selection factor from high to low. If the second resource selection factor is a security factor, the optimal computing resources obtained in the previous sorting are combined with the corresponding calculation methods and sorted according to the numerical order of the corresponding security evaluation results from high to low to obtain the optimal candidate resource information.

在完成依据每一优先级的所述资源选择因素的排序后,选择最优的所述待选择资源信息中的计算资源为所述目标计算资源,以及所述待选择资源信息中的计算方法为所述目标计算方法。After sorting the resource selection factors according to each priority, the optimal computing resource in the candidate resource information is selected as the target computing resource, and the computing method in the candidate resource information is selected as the target computing method.

本公开其中一实施例还提供一种计算信息获取装置,其中,包括:One embodiment of this disclosure also provides a computational information acquisition device, comprising:

信息获取模块,用于获取至少一计算资源的第一指标信息,以及获取对应每一所述计算资源采用的计算方法的第二指标信息;The information acquisition module is used to acquire first indicator information of at least one computing resource, and to acquire second indicator information of the computing method used for each computing resource.

第一确定模块,用于根据所述第一指标信息和所述第二指标信息,获得每一所述计算资源对应不同所述计算方法的安全评价结果;The first determining module is used to obtain the security evaluation results of different computing methods corresponding to each computing resource based on the first indicator information and the second indicator information.

第二确定模块,用于根据所述安全评价结果,获得所述至少一计算资源和对应的所述计算方法中,用于执行第一计算任务的目标计算资源和目标计算方法。The second determining module is used to obtain, based on the security evaluation result, the target computing resource and the target computing method used to perform the first computing task from among the at least one computing resource and the corresponding computing method.

本公开其中一实施例还提供一种网络设备,其中,包括处理器、存储器及存储在所述存储器上并可在所述处理器上运行的程序,所述程序被所述处理器执行时实现如上任一项所述的计算信息获取方法。One embodiment of this disclosure also provides a network device, which includes a processor, a memory, and a program stored in the memory and executable on the processor, wherein the program, when executed by the processor, implements the computational information acquisition method as described in any of the preceding claims.

本公开其中一实施例还提供一种可读存储介质,其中,所述可读存储介质上存储有程序,所述程序被处理器执行时实现如上任一项所述计算信息获取方法中的步骤。One embodiment of this disclosure also provides a readable storage medium, wherein a program is stored on the readable storage medium, and when the program is executed by a processor, it implements the steps in the computational information acquisition method described in any of the preceding claims.

本公开其中一实施例还提供一种计算机程序产品,其中,包括计算机指令,所述计算机指令被处理器执行时实现如上任一项所述计算信息获取方法中的步骤。One embodiment of this disclosure also provides a computer program product, which includes computer instructions that, when executed by a processor, implement the steps in the computational information acquisition method described in any of the preceding claims.

本公开上述技术方案中的至少一个具有以下有益效果:At least one of the above-described technical solutions disclosed herein has the following beneficial effects:

本公开实施例所述计算信息获取方法,通过将计算资源及对应的计算方法进行综合评价,确定计算资源对应不同计算方法的安全评价结果,根据该安全评价结果,确定用于执行计算任务的计算资源和计算方法,以能够采用合适的安全计算方法为计算任务选择适配的计算资源和计算方法,达到满足计算任务的安全需求的效果。The computational information acquisition method described in this embodiment comprehensively evaluates computational resources and corresponding computational methods to determine the security evaluation results of different computational methods corresponding to the computational resources. Based on the security evaluation results, it determines the computational resources and computational methods used to perform the computational task, so as to select suitable computational resources and computational methods for the computational task by using appropriate security computational methods, thereby achieving the effect of meeting the security requirements of the computational task.

附图说明Attached Figure Description

图1为本公开实施例所述计算信息获取方法的流程示意图;Figure 1 is a flowchart illustrating the information acquisition method according to an embodiment of this disclosure;

图2为采用本公开实施例所述方法,对计算资源进行排序的其中一实施方式的示意图;Figure 2 is a schematic diagram of one embodiment of sorting computing resources using the method described in this disclosure;

图3为采用本公开实施例所述方法,对计算资源进行排序的另一实施方式的示意图;Figure 3 is a schematic diagram of another embodiment of sorting computing resources using the method described in the present disclosure;

图4为本公开实施例所述计算信息获取装置的结构示意图。Figure 4 is a schematic diagram of the structure of the computational information acquisition device according to an embodiment of this disclosure.

具体实施方式Detailed Implementation

为使本公开要解决的技术问题、技术方案和优点更加清楚,下面将结合附图及具体实施例进行详细描述。To make the technical problems, technical solutions and advantages to be solved by this disclosure clearer, a detailed description will be given below in conjunction with the accompanying drawings and specific embodiments.

本公开的说明书和权利要求书中的术语“第一”、“第二”等是用于区别类似的对象,而不用于描述特定的顺序或先后次序。应该理解这样使用的术语在适当情况下可以互换,以便本公开的实施例能够以除了在这里图示或描述的那些以外的顺序实施,且“第一”、“第二”所区别的对象通常为一类,并不限定对象的个数,例如第一对象可以是一个,也可以是多个。此外,说明书以及权利要求中“和/或”表示所连接对象的至少其中之一,字符“/”一般表示前后关联对象是一种“或”的关系。The terms "first," "second," etc., used in this disclosure and in the claims are used to distinguish similar objects and not to describe a specific order or sequence. It should be understood that such terms can be used interchangeably where appropriate so that embodiments of this disclosure can be implemented in orders other than those illustrated or described herein, and the objects distinguished by "first" and "second" are generally of the same class, not limited in number; for example, a first object can be one or more. Furthermore, in the specification and claims, "and/or" indicates at least one of the connected objects, and the character "/" generally indicates that the preceding and following objects are in an "or" relationship.

为解决相关技术中,计算任务的计算资源选择方式,无法满足计算任务的安全需求的问题,本公开实施例提供一种计算信息获取方法,通过将计算资源及对应的计算方法进行综合评价,确定计算资源对应不同计算方法的安全评价结果,根据该安全评价结果,确定用于执行计算任务的计算资源和计算方法,以能够采用合适的安全计算方法为计算任务选择适配的计算资源和计算方法,达到满足计算任务的安全需求的效果。To address the issue that the selection of computing resources for computing tasks in related technologies cannot meet the security requirements of computing tasks, this disclosure provides a method for obtaining computing information. By comprehensively evaluating computing resources and corresponding computing methods, the security evaluation results of different computing methods corresponding to computing resources are determined. Based on the security evaluation results, the computing resources and computing methods used to execute the computing task are determined, so that suitable computing resources and computing methods can be selected for the computing task using appropriate secure computing methods, thereby achieving the effect of meeting the security requirements of the computing task.

本公开其中一实施例提供一种计算信息获取方法,如图1所示,包括:One embodiment of this disclosure provides a method for obtaining computational information, as shown in Figure 1, including:

S110,获取至少一计算资源的第一指标信息,以及获取对应每一所述计算资源采用的计算方法的第二指标信息;S110, obtain first indicator information of at least one computing resource, and obtain second indicator information of the computing method used for each computing resource;

S120,根据所述第一指标信息和所述第二指标信息,获得每一所述计算资源对应不同所述计算方法的安全评价结果;S120, based on the first indicator information and the second indicator information, obtain the security evaluation results of different computing methods corresponding to each computing resource;

S130,根据所述安全评价结果,获得所述至少一计算资源和对应的所述计算方法中,用于执行第一计算任务的目标计算资源和目标计算方法。S130, based on the security evaluation result, obtain the target computing resource and target computing method used to perform the first computing task from the at least one computing resource and the corresponding computing method.

需要说明的是,本公开实施例中,所提及的计算任务为任一计算任务,并不特指其中一计算任务。It should be noted that, in the embodiments of this disclosure, the computing task mentioned is any computing task and does not specifically refer to one of the computing tasks.

采用本公开实施例所述计算信息获取方法,通过将至少一计算资源的第一指标信息以及对应每一计算资源采用的计算方法的第二指标信息相结合,确定每一计算资源对应不同所述计算方法的安全评价结果,通过该安全评价结果,确定执行第一计算任务的目标计算资源和目标计算方法,这样将计算资源及其提供的计算方法进行综合评价,并获得安全评价结果,以能够从满足计算任务的安全需求方面,确定执行该计算任务对应的目标计算资源和目标计算方法。The computational information acquisition method described in this embodiment combines the first indicator information of at least one computational resource with the second indicator information of the computational method used by each computational resource to determine the security evaluation result of each computational resource corresponding to different computational methods. Based on the security evaluation result, the target computational resource and target computational method for executing the first computational task are determined. In this way, the computational resources and the computational methods they provide are comprehensively evaluated, and a security evaluation result is obtained, so as to determine the target computational resource and target computational method corresponding to executing the computational task from the perspective of meeting the security requirements of the computational task.

可选地,所述方法还包括以下的一项或多项:Optionally, the method further includes one or more of the following:

根据第一预设时间范围内采用所述计算资源执行历史计算任务的计算信息,获得所述第一指标信息;The first indicator information is obtained based on the computation information of historical computation tasks performed using the computing resources within a first preset time range;

根据第二预设时间范围内采用所述计算方法执行历史计算任务的计算信息,获得所述第二指标信息。The second indicator information is obtained based on the calculation information of historical calculation tasks performed using the calculation method within the second preset time range.

除根据上述的方式获得第一指标信息和第二指标信息之外,可选地,所述方法还可以包括:In addition to obtaining the first indicator information and the second indicator information in the manner described above, the method may optionally include:

根据第一预配置信息获得所述第一指标信息;The first indicator information is obtained based on the first pre-configuration information;

根据第二预配置信息获得所述第二指标信息。The second indicator information is obtained based on the second pre-configuration information.

采用本公开实施例所述计算信息获取方法,计算资源的第一指标信息和计算方法的第二指标信息,可以通过信息采集和/或预配置信息获得。Using the computational information acquisition method described in this embodiment, the first indicator information of computational resources and the second indicator information of computational methods can be obtained through information collection and/or pre-configuration information.

采用该实施方式,可选地,计算资源的部分的第一指标信息可以通过统计第一预设时间范围内采用该计算资源执行历史计算任务的计算信息,另一部分的第一指标信息可以通过第一预配置信息获得;计算方法的部分的第二指标信息可以通过统计第二预设时间范围内采用该计算方法执行历史计算任务的计算信息获得,另一部分的第二指标信息可以通过第二预配置信息获得。In this implementation, optionally, the first indicator information of the computing resources can be obtained by statistically analyzing the computing information of historical computing tasks performed using the computing resources within a first preset time range, and the other part of the first indicator information can be obtained by first pre-configuration information; the second indicator information of the computing method can be obtained by statistically analyzing the computing information of historical computing tasks performed using the computing method within a second preset time range, and the other part of the second indicator information can be obtained by second pre-configuration information.

其中,所述第一指标信息包括可信度指标信息和/或安全能力指标信息;和/或The first indicator information includes credibility indicator information and/or security capability indicator information; and/or

所述第二指标信息包括机密性指标信息、可验证性指标信息、计算时延和计算精确度中的一项或多项。The second indicator information includes one or more of the following: confidentiality indicator information, verifiability indicator information, computation latency, and computation accuracy.

需要说明的是,上述第一指标信息和第二指标信息所包括的信息仅为举例说明,具体并不以此为限。It should be noted that the information included in the first and second indicators above is for illustrative purposes only and is not limited to these examples.

其中一实施方式,可选地,第一指标信息包括可信度指标信息和/或安全能力指标信息。其中,计算资源的可信度指标信息表示为计算资源执行历史计算任务的成功率,可以通过统计第一预设周期T1或第一预设时间范围内采用计算资源执行历史计算任务的计算信息获得。可选地,该计算信息包括并不限于仅能够包括执行历史计算任务的数量和/或执行历史计算任务成功的数量,通过比较第一预设周期T1或第一预设时间范围内执行该历史计算任务成功的数量和所执行历史计算任务的总数量,可以获得该可信度指标信息。可选地,该可信度指标信息的数值越高,表示计算资源的可信度越高。In one embodiment, optionally, the first indicator information includes trustworthiness indicator information and/or security capability indicator information. The trustworthiness indicator information of the computing resource represents the success rate of the computing resource executing historical computing tasks, and can be obtained by statistically analyzing the computing information of historical computing tasks executed by the computing resource within a first preset period T1 or a first preset time range. Optionally, this computing information includes, but is not limited to, the number of historical computing tasks executed and/or the number of successful historical computing tasks. The trustworthiness indicator information can be obtained by comparing the number of successful historical computing tasks executed within the first preset period T1 or the first preset time range with the total number of historical computing tasks executed. Optionally, the higher the value of the trustworthiness indicator information, the higher the trustworthiness of the computing resource.

采用该实施方式,可信度指标信息形成为对计算资源进行安全评价的动态评价指标,通过每间隔第一预设周期T1或在第一预设时间范围内进行信息采集,获得执行历史计算任务的计算结果,可以获得每一计算资源的可信度指标信息。Using this implementation method, the credibility index information is formed as a dynamic evaluation index for security evaluation of computing resources. By collecting information at each first preset period T1 or within a first preset time range, the calculation results of historical computing tasks can be obtained, and the credibility index information of each computing resource can be obtained.

可选地,计算资源的安全能力指标信息可以根据第一预配置信息获得,也即可以通过预配置的方式获得,如通过第一预配置信息获得。其中,该安全能力指标信息可以为经授权机构签发的安全能力等级证明。Optionally, the security capability index information of the computing resources can be obtained based on the first pre-configuration information, that is, it can be obtained through pre-configuration, such as through the first pre-configuration information. This security capability index information can be a security capability level certificate issued by an authorized institution.

其中一实施方式,可选地,所述第二指标信息包括机密性指标信息、可验证性指标信息、计算时延和计算精确度中的一项或多项。其中,机密性指标信息和可验证性指标信息可以称为第二指标信息中的安全相关指标,计算时延和计算精确度可以称为第二指标信息中的非安全相关指标。In one embodiment, optionally, the second indicator information includes one or more of the following: confidentiality indicator information, verifiability indicator information, computation latency, and computation accuracy. Confidentiality indicator information and verifiability indicator information can be referred to as security-related indicators in the second indicator information, while computation latency and computation accuracy can be referred to as non-security-related indicators in the second indicator information.

可选地,机密性指标信息和可验证性指标信息可以通过预配置的方式获得,如通过第二预配置信息获得。其中,机密性指标信息用于表示计算方法能够实现的数据机密性程度;可选地,机密性指标信息的数值越高,表示计算方法的数据机密性程度越高;可验证性指标信息用于表示计算方法对计算验证的支持度,该支持度可以为不支持验证、支持验证和支持有条件验证中的一项或多项。可选地,可验证性指标信息为不同数值时,表示不同的支持度。Optionally, the confidentiality and verifiability metrics can be obtained through pre-configuration, such as through second pre-configured information. The confidentiality metrics represent the degree of data confidentiality achievable by the computation method; optionally, a higher value for the confidentiality metrics indicates a higher degree of data confidentiality. The verifiability metrics represent the degree of support the computation method provides for computational verification, which can be one or more of the following: no verification supported, verification supported, and conditional verification supported. Optionally, different values for the verifiability metrics represent different levels of support.

本公开实施例中,可选地,计算时延可以通过统计第二预设周期T2或第二预设时间范围内采用计算方法执行历史计算任务的计算信息获得。可选地,该计算信息包括并不限于仅能够包括计算任务的类型、数据量、完成时间、是否使用计算方法以及所使用计算方法的类型中的一项或多项。采用该实施方式,通过统计第二预设周期T2或第二预设时间范围内,对每一个使用了计算方法的历史计算任务,所执行的历史计算任务的类型、数据量、完成时间、是否使用计算方法以及所使用计算方法的类型中的一项或多项,可以计算确定计算方法的计算时延;同理,采用相同方式,可以获得每一个计算方法的计算时延。In this embodiment of the disclosure, optionally, the computation latency can be obtained by statistically analyzing computation information of historical computation tasks executed using a computation method within a second preset period T2 or a second preset time range. Optionally, this computation information includes, but is not limited to, one or more of the following: the type of computation task, the amount of data, the completion time, whether a computation method was used, and the type of computation method used. Using this implementation, by statistically analyzing one or more of the following for each historical computation task that used a computation method within the second preset period T2 or a second preset time range: the type of historical computation task executed, the amount of data, the completion time, whether a computation method was used, and the type of computation method used, the computation latency of the computation method can be calculated and determined; similarly, the computation latency of each computation method can be obtained using the same method.

可选地,该计算时延可以为执行特定的历史计算信息时,使用该计算方法的平均计算时延。Optionally, the computation latency can be the average computation latency when using the computation method to execute specific historical computation information.

可选地,计算精确度可以根据第二预配置信息获得,也即通过预置方式获得。其中该计算精确度可以表示为计算方法的计算准确性。Optionally, the calculation accuracy can be obtained based on the second pre-configuration information, i.e., through a preset method. This calculation accuracy can be expressed as the accuracy of the calculation method.

根据以上,采用本公开实施例所述计算信息获取方法,针对计算资源和对应的每一个计算方法,根据计算资源的第一指标信息和对应的每一个计算方法的第二指标信息,可以分别获得每一个计算资源对应不同计算方法的安全评价结果。Based on the above, by adopting the computational information acquisition method described in the embodiments of this disclosure, for each computational resource and each corresponding computational method, the security evaluation results for each computational resource corresponding to different computational methods can be obtained according to the first indicator information of the computational resource and the second indicator information of each corresponding computational method.

具体地,对于计算资源和对应的每一个计算方法,通过预置方式获得计算资源的安全能力指标信息以及对应的计算方法的机密性指标信息、可验证性指标信息和计算准确度中的一项或多项;通过进行信息提取并进行数据分析,获得计算资源的可信度指标信息以及对应的计算方法的计算时延。Specifically, for each computing resource and its corresponding computing method, the security capability index information of the computing resource and one or more of the confidentiality index information, verifiability index information, and computing accuracy information of the corresponding computing method are obtained through a preset method; by extracting information and performing data analysis, the credibility index information of the computing resource and the computing latency of the corresponding computing method are obtained.

举例说明,计算资源的第一指标信息和计算方法的第二指标信息可以分别为如下表1所示:For example, the first indicator information of computing resources and the second indicator information of computing methods can be shown in Table 1 below:

表1
Table 1

本公开实施例中,可选地,可信度指标信息的取值位于(0,n)之间,且该可信度指标信息的数值越大,表示计算资源的可信度更高;可选地,安全能力指标信息位于[0,n]之间,且安全能力指标信息的数值越大,表示计算资源的安全能力等级越高;可选地,机密性指标信息位于[0,n]之间,且机密性指标信息的数值越大,表示计算方法的机密性指标的机密性等级越高;可选地,可验证性指标信息位于[0,n]之间,且可不同类型的可验证性对应不同的值;可选地,计算时延位于(0,n)之间,且计算时延的数值越大,表示采用计算方法执行计算任务的平均时延越大;可选地,计算精确度位于(0,n)之间,且计算精确度的数值越大,表示采用计算方法执行计算任务的精确度越高。In this embodiment of the disclosure, optionally, the credibility index information is located between (0, n), and the larger the value of the credibility index information, the higher the credibility of the computing resource; optionally, the security capability index information is located between [0, n], and the larger the value of the security capability index information, the higher the security capability level of the computing resource; optionally, the confidentiality index information is located between [0, n], and the larger the value of the confidentiality index information, the higher the confidentiality level of the confidentiality index of the calculation method; optionally, the verifiability index information is located between [0, n], and different types of verifiability correspond to different values; optionally, the computation latency is located between (0, n), and the larger the value of the computation latency, the larger the average latency of the computation task executed by the computation method; optionally, the computation accuracy is located between (0, n), and the larger the value of the computation accuracy, the higher the accuracy of the computation task executed by the computation method.

其中一实施方式,可选地,本公开实施例所述计算信息获取方法中,所述方法还包括:In one embodiment, optionally, the computational information acquisition method described in this disclosure further includes:

根据所述第一指标信息和/或所述第二指标信息,获得所述至少一计算资源和对应的计算方法中,符合所述第一计算任务的要求的计算资源和对应的计算方法,用于确定所述目标计算资源和所述目标计算方法。Based on the first indicator information and/or the second indicator information, obtain the computing resources and corresponding computing methods that meet the requirements of the first computing task from among the at least one computing resource and the corresponding computing method, and use them to determine the target computing resources and the target computing method.

可选地,第一计算任务的要求可以称为第一计算任务的指标要求,可以包括对计算指标的需求和/或对安全指标的需求,该第一计算任务的要求包括并不限于仅能够包括第一指标信息和/或所述第二指标信息,例如对于计算指标的需求包括计算时延和/或计算精确度等,对于安全指标的需求包括可信度需求、安全能力需求、机密性需求和/或可验证性需求。Optionally, the requirements of the first computing task can be referred to as the indicator requirements of the first computing task, which may include requirements for computing indicators and/or requirements for security indicators. The requirements of the first computing task include, but are not limited to, only the first indicator information and/or the second indicator information. For example, the requirements for computing indicators include computing latency and/or computing accuracy, and the requirements for security indicators include reliability requirements, security capability requirements, confidentiality requirements and/or verifiability requirements.

采用该实施方式,在执行第一计算任务具有明确要求的情况下,通过对多个计算资源和对应不同计算方法执行历史计算任务的计算指标信息进行分析,筛选出计算指标信息符合第一计算任务的要求的计算资源和对应的计算方法,用于作为执行第一计算任务进一步筛选确定目标计算资源和目标计算方法的计算资源和计算方法。这样,通过筛选过程,使得根据每一计算资源对应不同所述计算方法所计算的安全评价结果,确定的执行所述第一计算任务的目标计算资源和目标计算方法,能够满足执行第一计算任务的要求。In this implementation, when there are specific requirements for performing the first computing task, by analyzing the computing index information of multiple computing resources and corresponding different computing methods used to perform historical computing tasks, computing resources and corresponding computing methods whose computing index information meets the requirements of the first computing task are selected. These are then used as the computing resources and computing methods for further screening and determining the target computing resources and target computing methods for performing the first computing task. Thus, through this screening process, the target computing resources and target computing methods determined based on the security evaluation results calculated by each computing resource and corresponding to different computing methods can meet the requirements for performing the first computing task.

本公开实施例中,其中一实施方式,可选地,在步骤S120,根据所述第一指标信息和所述第二指标信息,获得每一所述计算资源对应不同所述计算方法的安全评价结果,包括:In one embodiment of this disclosure, optionally, in step S120, obtaining the security evaluation result of each computing resource corresponding to different computing methods based on the first indicator information and the second indicator information includes:

根据所述计算资源的每一第一指标信息,获得所述计算资源对应的第一安全分值;以及,根据所述计算资源采用其中一个计算方法的每一第二指标信息,获得对应的第二安全分值;Based on each first indicator information of the computing resource, a first security score corresponding to the computing resource is obtained; and based on each second indicator information of the computing resource using one of the calculation methods, a corresponding second security score is obtained.

根据所述第一安全分值和所述第二安全分值,获得所述计算资源对应所述其中一个计算方法的安全评价结果。Based on the first security score and the second security score, a security evaluation result is obtained for the computing resource corresponding to one of the computing methods.

可选地,根据所述计算资源的每一第一指标信息,获得所述计算资源对应的第一安全分值,包括:Optionally, obtaining a first security score corresponding to the computing resource based on each first indicator information of the computing resource includes:

获得每一所述第一指标信息分别对应的第一安全指标值;Obtain the first security indicator value corresponding to each of the first indicator information;

根据每一所述第一安全指标值,获得所述计算资源对应的所述第一安全分值。Based on each of the first security index values, the first security score corresponding to the computing resource is obtained.

可选地,根据所述计算资源采用其中一个计算方法的每一第二指标信息,获得对应的第二安全分值,包括:Optionally, based on each second indicator information obtained using one of the calculation methods for the computing resources, a corresponding second security score is obtained, including:

获得每一所述第二指标信息分别对应的第二安全指标值;Obtain the second security indicator value corresponding to each of the second indicator information;

根据每一所述第二安全指标值,获得所述计算资源采用所述其中一个计算方法所对应的所述第二安全分值。Based on each of the second security index values, the second security score corresponding to the computing resource using one of the calculation methods is obtained.

采用该实施方式,在确定每一所述计算资源对应不同所述计算方法的安全评价结果时,可以通过映射方式,将其中一个计算资源的每一所述第一指标信息分别映射为对应的第一安全指标值,以及将对应所述其中一个计算资源采用的其中一个计算方法的每一所述第二指标信息分别映射为对应的第二安全指标值;Using this implementation method, when determining the security evaluation results of different computing methods for each computing resource, each of the first indicator information of one computing resource can be mapped to the corresponding first security indicator value through a mapping method, and each of the second indicator information of one computing method used by one of the computing resources can be mapped to the corresponding second security indicator value.

在分别获得第一安全指标值和第二安全指标值之后,根据每一所述第一安全指标值确定所述其中一个计算资源对应的第一安全分值,以及根据每一所述第二安全指标值确定所述其中一个计算方法对应的第二安全分值;After obtaining the first security index value and the second security index value respectively, a first security score corresponding to one of the computing resources is determined based on each of the first security index values, and a second security score corresponding to one of the computing methods is determined based on each of the second security index values.

根据所述第一安全分值和所述第二安全分值,确定所述其中一个计算资源对应所述其中一个计算方法的安全评价结果。Based on the first security score and the second security score, determine the security evaluation result of one of the computing resources corresponding to one of the computing methods.

举例说明,在第一指标信息包括可信度指标信息和安全能力指标信息的情况下,结合表1所示,对于每一个计算资源,根据所获得的相应该计算资源所对应的每一第一指标信息,分别将对应的第一指标信息映射为数值(也即为第一安全指标值),并进行归一化处理,也即如表1所示将每一第一安全指标值映射至位于(0,n)之内。For example, when the first indicator information includes credibility indicator information and security capability indicator information, as shown in Table 1, for each computing resource, according to the first indicator information corresponding to the obtained computing resource, the corresponding first indicator information is mapped to a numerical value (that is, the first security indicator value), and normalization is performed, that is, as shown in Table 1, each first security indicator value is mapped to a value within (0, n).

可选地,在获得计算资源的多个第一指标信息的第一安全指标值后,根据不同第一指标信息所对应的权重,可以计算相应计算资源对应的第一安全分值。例如,对于计算资源i,第一指标信息中可信度指标信息R1所对应的权重为W1,安全能力指标信息R2所对应的权重为W2,则确定第一安全分值Si的计算方式为Si=W1*R1+W2*R2。Optionally, after obtaining the first security index values of multiple first index information of computing resources, the first security score corresponding to the corresponding computing resource can be calculated according to the weights corresponding to different first index information. For example, for computing resource i, if the weight corresponding to the credibility index information R1 in the first index information is W1 and the weight corresponding to the security capability index information R2 is W2, then the calculation method for the first security score Si is determined as Si = W1*R1 + W2*R2.

在第二指标信息包括机密性指标信息、可验证性指标信息、计算时延和计算精确度中的一项或多项的情况下,结合表1所示,对于每一个计算资源所对应的每一计算方法,根据所获得的相应该计算方法所对应的每一第二指标信息,分别将对应的第二指标信息映射为数值(也即为第二安全指标值),并进行归一化处理,也即如表1所示,将每一第二安全指标值映射至位于(0,n)之内。When the second indicator information includes one or more of the following: confidentiality indicator information, verifiability indicator information, computation latency, and computation accuracy, as shown in Table 1, for each computation method corresponding to each computation resource, the corresponding second indicator information is mapped to a numerical value (i.e., the second security indicator value) based on the obtained second indicator information corresponding to the corresponding computation method, and then normalized. That is, as shown in Table 1, each second security indicator value is mapped to a value within (0, n).

可选地,在获得其中一个计算资源所对应的其中一个计算方法的多个第二指标信息的第二安全指标值后,根据不同第二指标信息所对应的权重,可以计算相应计算方法对应的第二安全分值。其中,该第二安全分值的计算方式可以与第一安全分值的计算方式相同,在此不再重复说明。Optionally, after obtaining the second security index value of multiple second index information for one calculation method corresponding to one computing resource, a second security score corresponding to the corresponding calculation method can be calculated based on the weights corresponding to different second index information. The calculation method for the second security score can be the same as that for the first security score, and will not be repeated here.

本公开实施例所述计算信息获取方法,在获得其中一个计算资源的第一安全分值,以及该计算资源的其中一个计算方法对应的第二安全分值后,可选地,通过将所述第一安全分值和所述第二安全分值进行加权操作,获得所述计算资源对应所述计算方法的安全评价值。The computational information acquisition method described in this embodiment of the present disclosure, after obtaining a first security score of one of the computational resources and a second security score corresponding to one of the computational methods of the computational resource, optionally obtains a security evaluation value of the computational resource corresponding to the computational method by performing a weighted operation on the first security score and the second security score.

例如,将计算资源的第一安全分值所对应的权重设定为p,将计算方法的第二安全分值所对应的权重设定为q,则计算资源i和对应计算方法j确定安全评价值的方式为p*Si+q*Sij;其中,Si为计算资源的第一安全分值,Sij为该计算资源i的其中一个计算方法j对应的第二安全分值。For example, if the weight corresponding to the first security score of the computing resource is set to p, and the weight corresponding to the second security score of the calculation method is set to q, then the way to determine the security evaluation value of computing resource i and the corresponding calculation method j is p*Si+q*S ij ; where Si is the first security score of the computing resource, and S ij is the second security score corresponding to one of the calculation methods j of the computing resource i.

举例说明,在本公开实施例中,采用上述方式所确定的不同计算资源对应的不同计算方法的安全评价值可以为如下表2所示:For example, in this embodiment of the disclosure, the security evaluation values of different computing methods corresponding to different computing resources determined by the above method can be shown in Table 2 below:

表2
Table 2

需要说明的是,本公开实施例所述方法中,上述确定每一所述计算资源对应不同所述计算方法的安全评价值的方式,仅为举例说明,具体并不以此为限,在此不对每一种可能的实施方式分别举例说明。It should be noted that the method described in the embodiments of this disclosure, which determines the security evaluation value of each computing resource corresponding to different computing methods, is only an example and is not limited thereto. Not every possible implementation will be described in detail here.

本公开实施例中,可选地,在步骤S130中,根据所述安全评价结果,获得用于执行第一计算任务的目标计算资源和目标计算方法,包括:In this embodiment of the disclosure, optionally, in step S130, obtaining the target computing resources and target computing method for performing the first computing task based on the security evaluation result includes:

根据所述第一计算任务的资源选择策略信息和所述安全评价结果,获得用于执行所述第一计算任务的目标计算资源和目标计算方法;Based on the resource selection strategy information of the first computing task and the security evaluation result, the target computing resources and target computing method for executing the first computing task are obtained.

其中,所述资源选择策略信息包括以下的一项或多项:The resource selection strategy information includes one or more of the following:

资源选择因素;Resource selection factors;

资源选择因素的优先级;Prioritization of resource selection factors;

资源选择因素中的参数阈值。Threshold parameters in resource selection factors.

本公开其中一实施方式,可选地,所述资源选择因素包括并不限于仅能够包括安全性因素、算力值因素和距离因素中的一项或多项。In one embodiment of this disclosure, the resource selection factors may optionally include, but are not limited to, one or more of security factors, computing power factors, and distance factors.

采用本公开实施例所述计算信息获取方法,根据安全评价结果和第一计算任务的资源选择策略信息,确定用于执行所述第一计算任务的目标计算资源和目标计算方法,这样将安全计算方法纳入第一计算任务的目标计算资源和目标计算方法确定的考虑因素,并综合多因素的资源选择策略,以辅助达到更合理的选择计算资源和安全计算方法的方式。The computational information acquisition method described in this embodiment determines the target computational resources and target computational methods for executing the first computational task based on the security evaluation results and the resource selection strategy information of the first computational task. This incorporates the security computational method into the determination of the target computational resources and target computational methods of the first computational task, and integrates multiple factors of resource selection strategy to help achieve a more reasonable way of selecting computational resources and security computational methods.

本公开实施例中,其中一实施方式,可选地,在步骤S130,根据所述第一计算任务的资源选择策略信息和所述安全评价结果,获得用于执行所述第一计算任务的目标计算资源和目标计算方法,包括:In one embodiment of this disclosure, optionally, in step S130, based on the resource selection strategy information of the first computing task and the security evaluation result, a target computing resource and a target computing method for performing the first computing task are obtained, including:

根据所述资源选择因素中的参数阈值,选择相应的资源选择因素符合所述参数阈值的所述计算资源和对应的所述计算方法为待选择资源信息;其中,每一待选择资源信息分别包括一个计算资源和对应的一个计算方法;Based on the parameter thresholds in the resource selection factors, the computing resources and corresponding computing methods that meet the parameter thresholds of the corresponding resource selection factors are selected as candidate resource information; wherein, each candidate resource information includes a computing resource and a corresponding computing method.

在所述资源选择因素中安全性因素的优先级为第一优先级的情况下,选择所述安全评价结果的数值最高所对应的所述待选择资源信息为目标选择资源信息;其中,所述目标选择资源信息中的计算资源为所述目标计算资源,所述目标选择资源信息中的计算方法为所述目标计算方法。When the security factor has the highest priority among the resource selection factors, the resource information corresponding to the highest value of the security evaluation result is selected as the target selection resource information; wherein, the computing resource in the target selection resource information is the target computing resource, and the calculation method in the target selection resource information is the target calculation method.

可选地,资源选择因素中的参数阈值包括以下的一项或多项:Optionally, the parameter thresholds in the resource selection factors include one or more of the following:

计算资源对应的第一安全分值的第一安全阈值;The first security threshold corresponding to the first security score of the computational resource;

计算方法对应的第二安全分值的第二安全阈值;The second security threshold corresponding to the calculation method for the second security score;

安全评价结果的第三安全阈值;The third safety threshold of the safety assessment results;

算力值因素对应的算力阈值;The computing power threshold corresponding to the computing power value factor;

距离因素对应的距离阈值。Distance threshold corresponding to distance factor.

其中一实施方式,可选地,在第一计算任务的资源选择策略信息包括参数阈值的情况下,首先在所述第一计算任务和对应的所述计算方法中,选择相应的资源选择因素符合相应的参数阈值的计算资源和对应的计算方法为待选择资源信息,作为进一步确定用于执行第一计算任务的目标计算资源和目标计算方法的计算资源和计算方法。In one embodiment, optionally, if the resource selection strategy information of the first computing task includes parameter thresholds, then in the first computing task and the corresponding computing method, computing resources and corresponding computing methods that meet the corresponding parameter thresholds for the corresponding resource selection factors are selected as the resource information to be selected, as the target computing resources and target computing methods for further determining the target computing resources and target computing methods for executing the first computing task.

举例说明,在资源选择因素包括安全性因素的情况下,该参数阈值包括第一安全阈值、第二安全阈值和第三安全阈值的一项或多项,在包括第一安全阈值、第二安全阈值和第三安全阈值时,需要选择计算资源和对应的计算方法中,计算资源对应的第一安全分值大于该第一安全阈值、计算方法对应的第二安全分值大于该第二安全阈值、且安全评价结果的数值大于该第三安全阈值的计算资源和对应的计算方法为待选择资源信息。For example, when the resource selection factors include security factors, the parameter threshold may include one or more of a first security threshold, a second security threshold, and a third security threshold. When the first security threshold, the second security threshold, and the third security threshold are included, the computing resources and corresponding computing methods that have a first security score greater than the first security threshold, a second security score greater than the second security threshold, and a security evaluation result greater than the third security threshold are selected as the resource information to be selected.

本公开实施例中,所提及的待选择资源信息形成为包括一个计算资源和一个计算方法的组合。采用该实施方式,通过资源选择因素中的参数阈值,对多个计算资源和相对应的计算方法进行过滤或筛选,获得多个待选择资源信息,用于确定执行第一计算任务的目标计算资源和目标计算方法。In this embodiment of the disclosure, the resource information to be selected is formed as a combination including a computing resource and a computing method. Using this implementation, multiple computing resources and corresponding computing methods are filtered or screened through parameter thresholds in the resource selection factors to obtain multiple resource information to be selected, which is used to determine the target computing resource and target computing method for performing the first computing task.

需要说明的是,本公开实施例中,所提及的符合所述参数阈值的计算资源和对应的所述计算方法,也即根据所述计算资源和对应的所述计算方法确定的相应资源选择因素的参数数值大于相应的参数阈值。It should be noted that, in the embodiments of this disclosure, the computing resources that meet the parameter thresholds and the corresponding computing methods mentioned are, that is, the parameter values of the corresponding resource selection factors determined based on the computing resources and the corresponding computing methods are greater than the corresponding parameter thresholds.

可选地,在资源选择策略信息包括资源选择因素的优先级的情况下,该优先级可以分别配置安全性因素、算力值因素和距离因素的优先等级,如配置安全性因素为第一优先级,算力值因素为第二优先级等,具体并不以此为限。Optionally, if the resource selection strategy information includes the priority of resource selection factors, the priority can be configured to have different priority levels for security factors, computing power factors, and distance factors, such as configuring security factors as the first priority and computing power factors as the second priority, etc., and is not limited to this.

本公开实施例中,可选地,所述方法还包括以下的一项或多项:Optionally, in this embodiment of the disclosure, the method further includes one or more of the following:

依据所述待选择资源信息所对应的安全评价值由高至低的排列顺序,对多组所述待选择资源信息进行排序;Based on the security evaluation values corresponding to the candidate resource information, arranged from high to low, the multiple sets of candidate resource information are sorted.

依据为第二优先级的所述资源选择因素所对应的数值由高至低的排列顺序,对所述安全评价结果的数值最高的所述待选择资源信息进行排序。Based on the numerical order of the resource selection factors with the second priority from high to low, the resource information to be selected with the highest value of the security evaluation result is sorted.

其中一实施方式,可选地,在所述安全评价值最高所对应的待选择资源信息为至少两组的情况下,依据为第二优先级的所述资源选择因素的性能值由高至低的排列顺序,对至少两组的所述待选择资源信息进行排序。In one embodiment, if there are at least two groups of candidate resource information corresponding to the highest security evaluation value, the candidate resource information of the at least two groups is sorted according to the performance value of the resource selection factor with the second priority from high to low.

由于在第一计算任务的目标计算资源和目标计算方法选择过程中,引入安全计算方法,计算资源可支持多种不同的计算方法,针对特定计算资源,在计算资源与每一个安全计算方法进行组合后,可产生多种不同的安全效果,原本不满足安全条件的计算资源在与计算方法协同后可能满足安全条件,因此本公开实施例中,将相关技术进行各种固有属性(如带宽、路由、算力)的计算资源的选择过程,变更为对包括计算资源(携带固有属性)和计算方法相组合的待选择资源信息选择的过程,具体地,通过对包括计算资源(携带固有属性)和计算方法相组合的待选择资源信息进行排序,进行待选择资源信息选择,使得所选择的执行第一计算任务的目标计算资源和目标计算方法,更加符合第一计算任务的安全需求。Because a secure computing method is introduced during the selection of target computing resources and target computing methods for the first computing task, and computing resources can support a variety of different computing methods, various security effects can be produced when a specific computing resource is combined with each secure computing method. Computing resources that originally did not meet security conditions may meet security conditions after being combined with computing methods. Therefore, in this embodiment of the disclosure, the process of selecting computing resources with various inherent attributes (such as bandwidth, routing, and computing power) is changed to a process of selecting candidate resource information that includes a combination of computing resources (carrying inherent attributes) and computing methods. Specifically, by sorting the candidate resource information that includes a combination of computing resources (carrying inherent attributes) and computing methods, the candidate resource information is selected, so that the selected target computing resources and target computing methods for executing the first computing task are more in line with the security requirements of the first computing task.

本公开实施例中,其中一实施方式,可选地,在所述资源选择因素中安全性因素的优先级为第一优先级的情况下,计算资源选择过程包括如下步骤:In one embodiment of this disclosure, optionally, when the priority of the security factor among the resource selection factors is the first priority, the resource selection process includes the following steps:

依据所述待选择资源信息所对应的安全评价结果的数值由高至低的排列顺序,对多组所述待选择资源信息进行排序;如图2所示,多个待选择资源信息分别包括多个计算资源resource和多个计算方法method,如表示为resource1+method1、resource1+method4、resource1+method3、…、resource x+method2等,依据上述方式所计算的安全评价结果,可以对该计算资源和计算方法的多个组合进行由高至低排序;Based on the numerical order of the security evaluation results corresponding to the candidate resource information from high to low, the multiple sets of candidate resource information are sorted. As shown in Figure 2, the multiple candidate resource information includes multiple computing resources and multiple computing methods, such as resource1+method1, resource1+method4, resource1+method3, ..., resource x+method2, etc. Based on the security evaluation results calculated in the above manner, multiple combinations of computing resources and computing methods can be sorted from high to low.

在所述安全评价结果的数值最高所对应的待选择资源信息为至少两组的情况下,依据为第二优先级的所述资源选择因素的性能值由高至低的排列顺序,对至少两组的所述待选择资源信息进行排序;也即,具体地,对于安全评价结果的数值同为最高的至少两组的计算资源和计算方法的组合,依据次优先级的资源选择因素对该至少两组的计算资源和计算方法的组合进行排序。例如,第二优先级的资源选择因素可以为算力值因素,对于安全评价值同为最高的至少两组的计算资源和计算方法的组合,可以继续依据算力值因素由高至低进行排序。If there are at least two groups of candidate resource information corresponding to the highest value of the security evaluation result, the candidate resource information is sorted according to the performance value of the resource selection factor with the second priority, from highest to lowest. Specifically, for the combination of computing resources and computing methods of at least two groups with the highest security evaluation results, the combination of computing resources and computing methods of at least two groups is sorted according to the resource selection factor with the second priority. For example, the resource selection factor with the second priority can be the computing power factor; for the combination of computing resources and computing methods of at least two groups with the highest security evaluation values, the sorting can continue to be based on the computing power factor from highest to lowest.

同理,依据上述排序原理,在第二优先级的所述资源选择因素对应的性能值最高所对应的待选择资源信息为至少两组的情况下,依据为第三优先级的所述资源选择因素的性能值由高至低的排列顺序,再次对第二优先级的所述资源选择因素对应的性能值最高的至少两组的所述待选择资源信息进行排序,依此类推,直到完成所有设置了优先级的因素的排序,选择安全评价结果的数值最高且其他资源选择因素的优先级符合资源选择策略信息所设定的优先级的计算资源和计算方法的组合为目标选择资源信息。Similarly, based on the above sorting principle, when there are at least two groups of candidate resource information corresponding to the highest performance value of the resource selection factor of the second priority, the candidate resource information of the at least two groups of candidates with the highest performance value corresponding to the resource selection factor of the second priority is sorted again according to the order of the performance values of the resource selection factor of the third priority from high to low. This process is repeated until all factors with set priorities are sorted. The combination of calculation resources and calculation methods with the highest security evaluation result and whose priorities of other resource selection factors meet the priorities set in the resource selection strategy information is selected as the target selection resource information.

根据以上,本公开其中一实施例所述方法中,可选地,所述选择所述安全评价结果的数值最高所对应的所述待选择资源信息为目标选择资源信息,包括:Based on the above, in one embodiment of the method described in this disclosure, optionally, selecting the resource information to be selected corresponding to the highest value of the security evaluation result as the target resource information includes:

根据所述资源选择因素的优先级,确定第二优先级的所述资源选择因素;Based on the priority of the resource selection factors, determine the resource selection factors with the second priority;

选择所述安全评价结果的数值最高所对应的所述待选择资源信息中,相对应的第二优先级的所述资源选择因素为最优的所述待选择资源信息为所述目标选择资源信息。The resource information with the highest value of the security evaluation result is selected as the target resource information, and the resource information with the second priority as the optimal resource selection factor is selected from the resource information to be selected.

具体地,在所述安全评价结果的数值最高所对应的待选择资源信息为至少两组的情况下,根据所述资源选择因素的优先级,确定第二优先级的所述资源选择因素;Specifically, when there are at least two sets of candidate resource information corresponding to the highest value of the security evaluation result, the resource selection factor with the second priority is determined according to the priority of the resource selection factor.

选择所述安全评价结果的数值最高所对应的至少两组的所述待选择资源信息中,相对应的第二优先级的所述资源选择因素为性能值最高的所述待选择资源信息为所述目标选择资源信息。Among the at least two groups of candidate resource information corresponding to the highest value of the security evaluation result, the candidate resource information with the highest performance value corresponding to the second priority resource selection factor is the target selection resource information.

另一实施方式中,可选地,在步骤S130,根据所述第一计算任务的资源选择策略信息和所述安全评价结果,获得用于执行所述计算任务的目标计算资源和目标计算方法,包括:In another embodiment, optionally, in step S130, based on the resource selection strategy information of the first computing task and the security evaluation result, the target computing resources and target computing method for performing the computing task are obtained, including:

在根据所述资源选择因素的优先级,确定所述资源选择因素中的第一资源选择因素的优先级为第一优先级,且所述第一资源选择因素并非为安全性因素的情况下,依据所述第一资源选择因素所对应的数值由高至低的排列顺序,对所述计算资源进行排序,获得最优的所述计算资源;If the priority of the first resource selection factor is determined to be the first priority based on the priority of the resource selection factors, and the first resource selection factor is not a security factor, the computing resources are sorted according to the numerical order of the first resource selection factor from high to low to obtain the optimal computing resources.

根据最优的所述计算资源所对应的安全评价结果,确定用于执行所述第一计算任务的目标计算资源和目标计算方法。Based on the security evaluation results corresponding to the optimal computing resources, the target computing resources and target computing methods for performing the first computing task are determined.

其中一实施方式,可选地,根据最优的所述计算资源所对应的安全评价结果,确定用于执行所述第一计算任务的目标计算资源和目标计算方法,包括:In one implementation, optionally, based on the security evaluation result corresponding to the optimal computing resources, the target computing resources and target computing method for performing the first computing task are determined, including:

根据所述资源选择因素的优先级,依次将所述第一优先级之后的下一个优先级的资源选择因素作为第二资源选择因素;Based on the priority of the resource selection factors, the resource selection factor with the next highest priority after the first priority is selected as the second resource selection factor.

在所述第二资源选择因素并非为安全性因素的情况下,依据所述第二资源选择因素所对应的数值由高至低的排序顺序,对上次排序所获得的最优的所述计算资源进行排序;在所述第二资源选择因素为安全性因素的情况下,依据相对应的所述安全评价结果的数值由高至低的排列顺序,将上次排序所获得的最优的所述计算资源分别和对应的计算方法相组合后进行排序,获得最优的待选择资源信息;If the second resource selection factor is not a security factor, the optimal computing resources obtained in the previous sorting are sorted according to the numerical order of the second resource selection factor from high to low. If the second resource selection factor is a security factor, the optimal computing resources obtained in the previous sorting are combined with the corresponding calculation methods and sorted according to the numerical order of the corresponding security evaluation results from high to low to obtain the optimal candidate resource information.

在完成依据每一优先级的所述资源选择因素的排序后,选择最优的所述待选择资源信息中的计算资源为所述目标计算资源,以及所述待选择资源信息中的计算方法为所述目标计算方法。After sorting the resource selection factors according to each priority, the optimal computing resource in the candidate resource information is selected as the target computing resource, and the computing method in the candidate resource information is selected as the target computing method.

采用该实施方式,可选地,在所述资源选择因素中安全性因素的优先级并非为第一优先级的情况下,计算资源选择过程包括如下步骤:In this implementation, optionally, if the priority of the security factor among the resource selection factors is not the first priority, the resource selection process includes the following steps:

依据第一资源选择因素(第一优先级)的性能值由高至低的排列顺序,对多个计算资源进行排序,如图3所示;Based on the performance values of the first resource selection factor (first priority) from high to low, multiple computing resources are sorted, as shown in Figure 3;

在多个所述计算资源中,对应所述第一资源选择因素的性能值最高的所述计算资源的数量为至少两个,则根据所述资源选择因素的优先级,依次将第一优先级之后的下一个优先级的资源选择因素作为第二资源选择因素,对第一资源选择因素的性能值最高的该至少两个计算资源进行排序。If, among the multiple computing resources, there are at least two computing resources with the highest performance value corresponding to the first resource selection factor, then according to the priority of the resource selection factor, the next priority after the first priority is taken as the second resource selection factor, and the at least two computing resources with the highest performance value of the first resource selection factor are sorted.

其中,在第二资源选择因素并非为安全性因素的情况下,依据所述第二资源选择因素所对应的数值由高至低的排序顺序,对上次排序所获得的最优(也即性能值最高)的所述计算资源进行排序;在第二资源选择因素为安全性因素的情况下,依据相对应的所述安全评价结果的数值由高至低的排列顺序,对上次排序所获得的最优的至少两个所述计算资源和对应的所述计算方法进行排序;采用该步骤,对于最高排序中的至少两个计算资源,按照次优先级进行排序,可选地,在以安全性因素进行排序时,对于最高排序中的至少两个计算资源,以计算资源和计算方法的组合进行排序,也即将资源排序扩展为计算资源与计算方法相组合的排序;Where the second resource selection factor is not a security factor, the computing resources obtained in the previous sorting are sorted according to the numerical order of the second resource selection factor from high to low. Where the second resource selection factor is a security factor, the at least two computing resources obtained in the previous sorting and the corresponding computing methods are sorted according to the numerical order of the corresponding security evaluation results from high to low. Using this step, at least two computing resources in the highest ranking are sorted according to the next highest priority. Optionally, when sorting by security factor, at least two computing resources in the highest ranking are sorted by a combination of computing resources and computing methods, that is, the resource sorting is extended to a sorting of a combination of computing resources and computing methods.

同理,在以安全性因素进行排序后,在安全评价结果的数值最高的计算资源和计算方法为至少两组的情况下,可以继续依据下一个优先级的资源选择因素,对安全评价结果的数值最高的至少两组的计算资源和计算方法再次进行排序,直到完成了所有设置了优先级的资源选择因素的排序,选择处于最优位置的计算资源和计算方法的组合为对应的目标计算资源和目标计算方法,用于执行第一计算任务。Similarly, after sorting by security factors, if there are at least two groups of computing resources and computing methods with the highest security evaluation results, the sorting can continue based on the next priority resource selection factor. This process continues until all priority resource selection factors have been sorted. The combination of computing resources and computing methods in the optimal position is then selected as the corresponding target computing resources and target computing methods for executing the first computing task.

采用本公开实施例所述计算信息获取方法,在进行计算资源的选择时,将安全计算方法纳入考虑因素,并设计了综合多因素的算力资源决策策略,可以辅助用户更合理的选择计算资源和安全计算方法。The computational information acquisition method described in this disclosure incorporates secure computational methods into the selection of computational resources and designs a comprehensive multi-factor computational resource decision-making strategy, which can help users make more reasonable selections of computational resources and secure computational methods.

本公开其中一实施例还提供一种计算信息获取装置,如图4所示,该装置包括:One embodiment of this disclosure also provides a computational information acquisition device, as shown in FIG4, the device comprising:

信息获取模块410,用于获取至少一计算资源的第一指标信息,以及获取对应每一所述计算资源采用的计算方法的第二指标信息;The information acquisition module 410 is used to acquire first indicator information of at least one computing resource and second indicator information of the computing method used for each computing resource.

第一确定模块420,用于根据所述第一指标信息和所述第二指标信息,获得每一所述计算资源对应不同所述计算方法的安全评价结果;The first determining module 420 is used to obtain the security evaluation results of different computing methods corresponding to each computing resource based on the first indicator information and the second indicator information.

第二确定模块430,用于根据所述安全评价结果,获得所述至少一计算资源和对应的所述计算方法中,用于执行第一计算任务的目标计算资源和目标计算方法。The second determining module 430 is used to obtain, based on the security evaluation result, the target computing resource and the target computing method used to perform the first computing task among the at least one computing resource and the corresponding computing method.

本公开实施例所述计算信息获取装置,通过将计算资源及对应的计算方法进行综合评价,确定计算资源对应不同计算方法的安全评价结果,根据该安全评价结果,确定用于执行计算任务的计算资源和计算方法,以能够采用合适的安全计算方法为计算任务选择适配的计算资源和计算方法,达到满足计算任务的安全需求的效果。The computational information acquisition device described in this embodiment comprehensively evaluates computational resources and corresponding computational methods to determine the security evaluation results of different computational methods corresponding to the computational resources. Based on the security evaluation results, it determines the computational resources and computational methods used to perform computational tasks, so as to select suitable computational resources and computational methods for computational tasks using appropriate security computational methods, thereby achieving the effect of meeting the security requirements of computational tasks.

可选地,所述的计算信息获取装置,其中,第二确定模块430还用于:Optionally, in the aforementioned computational information acquisition device, the second determining module 430 is further configured to:

根据所述第一指标信息和/或所述第二指标信息,获得所述至少一计算资源和对应的计算方法中,符合所述第一计算任务的要求的计算资源和对应的计算方法,用于确定所述目标计算资源和所述目标计算方法。Based on the first indicator information and/or the second indicator information, obtain the computing resources and corresponding computing methods that meet the requirements of the first computing task from among the at least one computing resource and the corresponding computing method, and use them to determine the target computing resources and the target computing method.

可选地,所述的计算信息获取装置,其中,信息获取模块410还用于执行以下的一项或多项:Optionally, in the aforementioned computational information acquisition device, the information acquisition module 410 is further configured to perform one or more of the following:

根据第一预设时间范围内采用所述计算资源执行历史计算任务的计算信息,获得所述第一指标信息;The first indicator information is obtained based on the computation information of historical computation tasks performed using the computing resources within a first preset time range;

根据第二预设时间范围内采用所述计算方法执行历史计算任务的计算信息,获得所述第二指标信息。The second indicator information is obtained based on the calculation information of historical calculation tasks performed using the calculation method within the second preset time range.

可选地,所述的计算信息获取装置,其中,所述第一指标信息包括可信度指标信息和/或安全能力指标信息;和/或Optionally, in the computational information acquisition device, the first indicator information includes trustworthiness indicator information and/or security capability indicator information; and/or

所述第二指标信息包括机密性指标信息、可验证性指标信息、计算时延和计算精确度中的一项或多项。The second indicator information includes one or more of the following: confidentiality indicator information, verifiability indicator information, computation latency, and computation accuracy.

可选地,所述的计算信息获取装置,其中,第一确定模块420根据所述第一指标信息和所述第二指标信息,获得每一所述计算资源对应不同所述计算方法的安全评价结果,包括:Optionally, in the computational information acquisition device, the first determining module 420 obtains a security evaluation result for each computational resource corresponding to a different computational method based on the first indicator information and the second indicator information, including:

根据所述计算资源的每一第一指标信息,获得所述计算资源对应的第一安全分值;以及,根据所述计算资源采用其中一个计算方法的每一第二指标信息,获得对应的第二安全分值;Based on each first indicator information of the computing resource, a first security score corresponding to the computing resource is obtained; and based on each second indicator information of the computing resource using one of the calculation methods, a corresponding second security score is obtained.

根据所述第一安全分值和所述第二安全分值,获得所述计算资源对应所述其中一个计算方法的安全评价结果。Based on the first security score and the second security score, a security evaluation result is obtained for the computing resource corresponding to one of the computing methods.

可选地,所述的计算信息获取装置,其中,第一确定模块420根据所述计算资源的每一第一指标信息,获得所述计算资源对应的第一安全分值,包括:Optionally, in the computational information acquisition device, the first determining module 420 obtains a first security score corresponding to the computational resource based on each first indicator information of the computational resource, including:

获得每一所述第一指标信息分别对应的第一安全指标值;Obtain the first security indicator value corresponding to each of the first indicator information;

根据每一所述第一安全指标值,获得所述计算资源对应的所述第一安全分值。Based on each of the first security index values, the first security score corresponding to the computing resource is obtained.

可选地,所述的计算信息获取装置,其中,第一确定模块420根据所述计算资源采用其中一个计算方法的每一第二指标信息,获得对应的第二安全分值,包括:Optionally, in the computational information acquisition device, the first determining module 420 obtains a corresponding second security score based on each second indicator information of the computational resource using one of the computational methods, including:

获得每一所述第二指标信息分别对应的第二安全指标值;Obtain the second security indicator value corresponding to each of the second indicator information;

根据每一所述第二安全指标值,获得所述计算资源采用所述其中一个计算方法所对应的所述第二安全分值。Based on each of the second security index values, the second security score corresponding to the computing resource using one of the calculation methods is obtained.

可选地,所述的计算信息获取装置,其中,第一确定模块420根据所述第一安全分值和所述第二安全分值,获得所述计算资源对应所述其中一个计算方法的安全评价结果,包括:Optionally, in the computational information acquisition device, the first determining module 420 obtains a security evaluation result of the computational resource corresponding to one of the computational methods based on the first security score and the second security score, including:

将所述第一安全分值和所述第二安全分值进行加权操作,获得所述计算资源对应所述其中一个计算方法的安全评价结果。The first security score and the second security score are weighted to obtain the security evaluation result of the computing resource corresponding to one of the computing methods.

可选地,所述的计算信息获取装置,其中,第二确定模块430根据所述安全评价结果,获得用于执行第一计算任务的目标计算资源和目标计算方法,包括:Optionally, in the computational information acquisition device, the second determining module 430 obtains the target computational resources and target computational method for performing the first computational task based on the security evaluation result, including:

根据所述第一计算任务的资源选择策略信息和所述安全评价结果,获得用于执行所述第一计算任务的目标计算资源和目标计算方法;Based on the resource selection strategy information of the first computing task and the security evaluation result, the target computing resources and target computing method for executing the first computing task are obtained.

其中,所述资源选择策略信息包括以下的一项或多项:The resource selection strategy information includes one or more of the following:

资源选择因素;Resource selection factors;

资源选择因素的优先级;Prioritization of resource selection factors;

资源选择因素中的参数阈值。Threshold parameters in resource selection factors.

可选地,所述的计算信息获取装置,其中,第二确定模块430根据所述第一计算任务的资源选择策略信息和所述安全评价结果,获得用于执行所述第一计算任务的目标计算资源和目标计算方法,包括:Optionally, in the computational information acquisition device, the second determining module 430 obtains the target computational resources and target computational method for executing the first computational task based on the resource selection strategy information of the first computational task and the security evaluation result, including:

根据所述资源选择因素中的参数阈值,选择相应的资源选择因素符合所述参数阈值的所述计算资源和对应的所述计算方法为待选择资源信息;其中,每一待选择资源信息分别包括一个计算资源和对应的一个计算方法;Based on the parameter thresholds in the resource selection factors, the computing resources and corresponding computing methods that meet the parameter thresholds of the corresponding resource selection factors are selected as candidate resource information; wherein, each candidate resource information includes a computing resource and a corresponding computing method.

在所述资源选择因素中安全性因素的优先级为第一优先级的情况下,选择所述安全评价结果的数值最高所对应的所述待选择资源信息为目标选择资源信息;其中,所述目标选择资源信息中的计算资源为所述目标计算资源,所述目标选择资源信息中的计算方法为所述目标计算方法。When the security factor has the highest priority among the resource selection factors, the resource information corresponding to the highest value of the security evaluation result is selected as the target selection resource information; wherein, the computing resource in the target selection resource information is the target computing resource, and the calculation method in the target selection resource information is the target calculation method.

可选地,所述的计算信息获取装置,其中,所述第二确定模块430选择所述安全评价结果的数值最高所对应的所述待选择资源信息为目标选择资源信息,包括:Optionally, in the computational information acquisition device, the second determining module 430 selects the resource information to be selected corresponding to the highest value of the security evaluation result as the target resource information, including:

根据所述资源选择因素的优先级,确定第二优先级的所述资源选择因素;Based on the priority of the resource selection factors, determine the resource selection factors with the second priority;

选择所述安全评价结果的数值最高所对应的所述待选择资源信息中,相对应的第二优先级的所述资源选择因素为最优的所述待选择资源信息为所述目标选择资源信息。The resource information with the highest value of the security evaluation result is selected as the target resource information, and the resource information with the second priority as the optimal resource selection factor is selected from the resource information to be selected.

可选地,所述的计算信息获取装置,其中,所述第二确定模块430还用于执行以下的一项或多项:Optionally, in the computational information acquisition device, the second determining module 430 is further configured to perform one or more of the following:

依据所述待选择资源信息所对应的安全评价结果的数值由高至低的排列顺序,对多组所述待选择资源信息进行排序;Based on the numerical order of the security evaluation results corresponding to the resource information to be selected, from high to low, the multiple sets of resource information to be selected are sorted.

依据为第二优先级的所述资源选择因素所对应的数值由高至低的排列顺序,对所述安全评价结果的数值最高的所述待选择资源信息进行排序。Based on the numerical order of the resource selection factors with the second priority from high to low, the resource information to be selected with the highest value of the security evaluation result is sorted.

可选地,所述的计算信息获取装置,其中,第二确定模块430根据所述第一计算任务的资源选择策略信息和所述安全评价结果,获得用于执行所述计算任务的目标计算资源和目标计算方法,包括:Optionally, in the computational information acquisition device, the second determining module 430 obtains the target computational resources and target computational method for performing the computational task based on the resource selection strategy information of the first computational task and the security evaluation result, including:

在根据所述资源选择因素的优先级,确定所述资源选择因素中的第一资源选择因素的优先级为第一优先级,且所述第一资源选择因素并非为安全性因素的情况下,依据所述第一资源选择因素所对应的数值由高至低的排列顺序,对所述计算资源进行排序,获得最优的所述计算资源;If the priority of the first resource selection factor is determined to be the first priority based on the priority of the resource selection factors, and the first resource selection factor is not a security factor, the computing resources are sorted according to the numerical order of the first resource selection factor from high to low to obtain the optimal computing resources.

根据最优的所述计算资源所对应的安全评价结果,确定用于执行所述第一计算任务的目标计算资源和目标计算方法。Based on the security evaluation results corresponding to the optimal computing resources, the target computing resources and target computing methods for performing the first computing task are determined.

可选地,所述的计算信息获取装置,其中,第二确定模块430根据最优的所述计算资源所对应的安全评价结果,确定用于执行所述第一计算任务的目标计算资源和目标计算方法,包括:Optionally, in the computational information acquisition device, the second determining module 430 determines the target computational resources and target computational method for performing the first computational task based on the security evaluation result corresponding to the optimal computational resources, including:

根据所述资源选择因素的优先级,依次将所述第一优先级之后的下一个优先级的资源选择因素作为第二资源选择因素;Based on the priority of the resource selection factors, the resource selection factor with the next highest priority after the first priority is selected as the second resource selection factor.

在所述第二资源选择因素并非为安全性因素的情况下,依据所述第二资源选择因素所对应的数值由高至低的排序顺序,对上次排序所获得的最优的所述计算资源进行排序;在所述第二资源选择因素为安全性因素的情况下,依据相对应的所述安全评价结果的数值由高至低的排列顺序,将上次排序所获得的最优的所述计算资源分别和对应的计算方法相组合后进行排序,获得最优的待选择资源信息;If the second resource selection factor is not a security factor, the optimal computing resources obtained in the previous sorting are sorted according to the numerical order of the second resource selection factor from high to low. If the second resource selection factor is a security factor, the optimal computing resources obtained in the previous sorting are combined with the corresponding calculation methods and sorted according to the numerical order of the corresponding security evaluation results from high to low to obtain the optimal candidate resource information.

在完成依据每一优先级的所述资源选择因素的排序后,选择最优的所述待选择资源信息中的计算资源为所述目标计算资源,以及所述待选择资源信息中的计算方法为所述目标计算方法。After sorting the resource selection factors according to each priority, the optimal computing resource in the candidate resource information is selected as the target computing resource, and the computing method in the candidate resource information is selected as the target computing method.

本公开其中一实施例还提供一种网络设备,包括处理器、存储器及存储在所述存储器上并可在所述处理器上运行的程序,所述程序被所述处理器执行时实现如上任一项所述的计算信息获取方法。One embodiment of this disclosure also provides a network device, including a processor, a memory, and a program stored in the memory and executable on the processor, wherein the program, when executed by the processor, implements the computational information acquisition method as described in any of the preceding claims.

本公开实施例所述网络设备中,所述程序被所述处理器执行时实现如上所述的计算信息获取方法的具体实施方式,可以参阅该方法对应具体实施方式中的详细说明,在此不再重复说明。In the network device described in this embodiment, when the program is executed by the processor, it implements the specific implementation of the computational information acquisition method as described above. For details, please refer to the detailed description of the corresponding specific implementation of the method, which will not be repeated here.

另外,本公开具体实施例还提供一种可读存储介质,其上存储有计算机程序,其中,该程序被处理器执行时实现如上中任一项所述计算信息获取方法中的步骤。In addition, specific embodiments of this disclosure also provide a readable storage medium having a computer program stored thereon, wherein when the program is executed by a processor, it implements the steps in the computational information acquisition method described in any of the above.

具体地,该可读存储介质应用于上述的网络设备,在应用于网络设备时,对应计算信息获取方法中的执行步骤如上的详细描述,在此不再赘述。Specifically, the readable storage medium is applied to the aforementioned network device. When applied to the network device, the execution steps in the corresponding computational information acquisition method are described in detail above and will not be repeated here.

本公开另一实施例还提供一种计算机程序产品,其中,包括计算机指令,所述计算机指令被处理器执行时实现如上中任一项所述的计算信息获取方法中的步骤。Another embodiment of this disclosure also provides a computer program product, which includes computer instructions that, when executed by a processor, implement the steps of the computational information acquisition method as described above.

可选地,本公开实施例可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、只读光盘只读存储器(Compact Disc Read-Only Memory,CD-ROM)、光学存储器等)上实施的计算机程序产品的形式。Optionally, embodiments of this disclosure may take the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to disk storage, compact disc read-only memory (CD-ROM), optical storage, etc.) containing computer-usable program code.

本公开实施例所述计算机程序产品,所包括的计算机指令在被处理器执行时实现如上所示计算信息获取方法实施例的各个过程,且能够达到相同的技术效果,为避免重复,这里不再赘述。The computer program product described in this disclosure includes computer instructions that, when executed by a processor, implement the various processes of the computational information acquisition method embodiment shown above, and can achieve the same technical effect. To avoid repetition, these will not be repeated here.

在本公开所提供的几个实施例中,应该理解到,所揭露方法和装置,可以通过其它的方式实现。例如,以上所描述的装置实施例仅仅是示意性的,例如,所述单元的划分,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式,例如多个单元或组件可以结合或者可以集成到另一个系统,或一些特征可以忽略,或不执行。另一点,所显示或讨论的相互之间的耦合或直接耦合或通信连接可以是通过一些接口,装置或单元的间接耦合或通信连接,可以是电性,机械或其它的形式。In the several embodiments provided in this disclosure, it should be understood that the disclosed methods and apparatus can be implemented in other ways. For example, the apparatus embodiments described above are merely illustrative. For instance, the division of units is only a logical functional division, and in actual implementation, there may be other division methods. For example, multiple units or components may be combined or integrated into another system, or some features may be ignored or not executed. Furthermore, the coupling or direct coupling or communication connection shown or discussed may be through some interfaces, or indirect coupling or communication connection between devices or units, and may be electrical, mechanical, or other forms.

另外,在本公开各个实施例中的各功能单元可以集成在一个处理单元中,也可以是各个单元单独物理包括,也可以两个或两个以上单元集成在一个单元中。上述集成的单元既可以采用硬件的形式实现,也可以采用硬件加软件功能单元的形式实现。Furthermore, the functional units in the various embodiments of this disclosure can be integrated into one processing unit, or each unit can be physically comprised separately, or two or more units can be integrated into one unit. The integrated unit can be implemented in hardware or in the form of hardware plus software functional units.

上述以软件功能单元的形式实现的集成的单元,可以存储在一个计算机可读取存储介质中。上述软件功能单元存储在一个存储介质中,包括若干指令用使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)执行本公开各个实施例所述收发方法的部分步骤。而前述的存储介质包括:U盘、移动硬盘、只读存储器(Read-Only Memory,ROM)、随机存取存储器(Random Access Memory,RAM)、磁碟或者光盘等各种可以存储程序代码的介质。The integrated units implemented as software functional units described above can be stored in a computer-readable storage medium. These software functional units, stored in a storage medium, include several instructions that cause a computer device (which may be a personal computer, server, or network device, etc.) to execute some steps of the transmission and reception methods described in the various embodiments of this disclosure. The aforementioned storage medium includes various media capable of storing program code, such as USB flash drives, portable hard drives, read-only memory (ROM), random access memory (RAM), magnetic disks, or optical disks.

以上所述的是本公开的优选实施方式,应当指出对于本技术领域的普通人员来说,在不脱离本公开所述原理前提下,还可以作出若干改进和润饰,这些改进和润饰也应视为本公开的保护范围。The above describes the preferred embodiments of this disclosure. It should be noted that those skilled in the art can make various improvements and modifications without departing from the principles described in this disclosure, and these improvements and modifications should also be considered within the scope of protection of this disclosure.

Claims (17)

一种计算信息获取方法,包括:A method for acquiring computational information, comprising: 获取至少一计算资源的第一指标信息,以及获取对应每一所述计算资源采用的计算方法的第二指标信息;Obtain first indicator information of at least one computing resource, and obtain second indicator information of the computing method used for each computing resource; 根据所述第一指标信息和所述第二指标信息,获得每一所述计算资源对应不同所述计算方法的安全评价结果;Based on the first indicator information and the second indicator information, obtain the security evaluation results of each computing resource corresponding to different computing methods; 根据所述安全评价结果,获得所述至少一计算资源和对应的所述计算方法中,用于执行第一计算任务的目标计算资源和目标计算方法。Based on the security evaluation results, the target computing resource and target computing method for performing the first computing task are obtained from the at least one computing resource and the corresponding computing method. 根据权利要求1所述的计算信息获取方法,所述方法还包括:The computational information acquisition method according to claim 1, further comprising: 根据所述第一指标信息和/或所述第二指标信息,获得所述至少一计算资源和对应的计算方法中,符合所述第一计算任务的要求的计算资源和对应的计算方法,用于确定所述目标计算资源和所述目标计算方法。Based on the first indicator information and/or the second indicator information, obtain the computing resources and corresponding computing methods that meet the requirements of the first computing task from among the at least one computing resource and the corresponding computing method, and use them to determine the target computing resources and the target computing method. 根据权利要求1所述的计算信息获取方法,所述方法还包括以下的一项或多项:The computational information acquisition method according to claim 1 further includes one or more of the following: 根据第一预设时间范围内采用所述计算资源执行历史计算任务的计算信息,获得所述第一指标信息;The first indicator information is obtained based on the computation information of historical computation tasks performed using the computing resources within a first preset time range; 根据第二预设时间范围内采用所述计算方法执行历史计算任务的计算信息,获得所述第二指标信息。The second indicator information is obtained based on the calculation information of historical calculation tasks performed using the calculation method within the second preset time range. 根据权利要求1所述的计算信息获取方法,其中,根据所述第一指标信息和所述第二指标信息,获得每一所述计算资源对应不同所述计算方法的安全评价结果,包括:According to the computational information acquisition method of claim 1, obtaining the security evaluation result of each computational resource corresponding to different computational methods based on the first indicator information and the second indicator information includes: 根据所述计算资源的每一第一指标信息,获得所述计算资源对应的第一安全分值;以及,根据所述计算资源采用其中一个计算方法的每一第二指标信息,获得对应的第二安全分值;Based on each first indicator information of the computing resource, a first security score corresponding to the computing resource is obtained; and based on each second indicator information of the computing resource using one of the calculation methods, a corresponding second security score is obtained. 根据所述第一安全分值和所述第二安全分值,获得所述计算资源对应所述其中一个计算方法的安全评价结果。Based on the first security score and the second security score, a security evaluation result is obtained for the computing resource corresponding to one of the computing methods. 根据权利要求4所述的计算信息获取方法,其中,根据所述计算资源的每一第一指标信息,获得所述计算资源对应的第一安全分值,包括:According to the computational information acquisition method of claim 4, obtaining the first security score corresponding to the computational resource based on each first indicator information of the computational resource includes: 获得每一所述第一指标信息分别对应的第一安全指标值;Obtain the first security indicator value corresponding to each of the first indicator information; 根据每一所述第一安全指标值,获得所述计算资源对应的所述第一安全分值。Based on each of the first security index values, the first security score corresponding to the computing resource is obtained. 根据权利要求4所述的计算信息获取方法,其中,根据所述计算资源采用其中一个计算方法的每一第二指标信息,获得对应的第二安全分值,包括:According to the computational information acquisition method of claim 4, obtaining the corresponding second security score based on each second indicator information of the computational resource using one of the computational methods includes: 获得每一所述第二指标信息分别对应的第二安全指标值;Obtain the second security indicator value corresponding to each of the second indicator information; 根据每一所述第二安全指标值,获得所述计算资源采用所述其中一个计算方法所对应的所述第二安全分值。Based on each of the second security index values, the second security score corresponding to the computing resource using one of the calculation methods is obtained. 根据权利要求4所述的计算信息获取方法,其中,根据所述第一安全分值和所述第二安全分值,获得所述计算资源对应所述其中一个计算方法的安全评价结果,包括:According to the computational information acquisition method of claim 4, obtaining the security evaluation result of the computational resource corresponding to one of the computational methods based on the first security score and the second security score includes: 将所述第一安全分值和所述第二安全分值进行加权操作,获得所述计算资源对应所述其中一个计算方法的安全评价结果。The first security score and the second security score are weighted to obtain the security evaluation result of the computing resource corresponding to one of the computing methods. 根据权利要求1所述的计算信息获取方法,其中,根据所述安全评价结果,获得用于执行第一计算任务的目标计算资源和目标计算方法,包括:According to the computational information acquisition method of claim 1, obtaining the target computational resources and target computational method for performing the first computational task based on the security evaluation result includes: 根据所述第一计算任务的资源选择策略信息和所述安全评价结果,获得用于执行所述第一计算任务的目标计算资源和目标计算方法;Based on the resource selection strategy information of the first computing task and the security evaluation result, the target computing resources and target computing method for executing the first computing task are obtained. 其中,所述资源选择策略信息包括以下的一项或多项:The resource selection strategy information includes one or more of the following: 资源选择因素;Resource selection factors; 资源选择因素的优先级;Prioritization of resource selection factors; 资源选择因素中的参数阈值。Threshold parameters in resource selection factors. 根据权利要求8所述的计算信息获取方法,其中,根据所述第一计算任务的资源选择策略信息和所述安全评价结果,获得用于执行所述第一计算任务的目标计算资源和目标计算方法,包括:According to the computational information acquisition method of claim 8, obtaining the target computational resources and target computational method for executing the first computational task based on the resource selection strategy information of the first computational task and the security evaluation result includes: 根据所述资源选择因素中的参数阈值,选择相应的资源选择因素符合所述参数阈值的所述计算资源和对应的所述计算方法为待选择资源信息;其中,每一待选择资源信息分别包括一个计算资源和对应的一个计算方法;Based on the parameter thresholds in the resource selection factors, the computing resources and corresponding computing methods that meet the parameter thresholds of the corresponding resource selection factors are selected as candidate resource information; wherein, each candidate resource information includes a computing resource and a corresponding computing method. 在所述资源选择因素中安全性因素的优先级为第一优先级的情况下,选择所述安全评价结果的数值最高所对应的所述待选择资源信息为目标选择资源信息;其中,所述目标选择资源信息中的计算资源为所述目标计算资源,所述目标选择资源信息中的计算方法为所述目标计算方法。When the security factor has the highest priority among the resource selection factors, the resource information corresponding to the highest value of the security evaluation result is selected as the target selection resource information; wherein, the computing resource in the target selection resource information is the target computing resource, and the calculation method in the target selection resource information is the target calculation method. 根据权利要求9所述的计算信息获取方法,其中,所述选择所述安全评价结果的数值最高所对应的所述待选择资源信息为目标选择资源信息,包括:According to the calculation information acquisition method of claim 9, wherein selecting the resource information to be selected corresponding to the highest value of the security evaluation result as the target resource information includes: 根据所述资源选择因素的优先级,确定第二优先级的所述资源选择因素;Based on the priority of the resource selection factors, determine the resource selection factors with the second priority; 选择所述安全评价结果的数值最高所对应的所述待选择资源信息中,相对应的第二优先级的所述资源选择因素为最优的所述待选择资源信息为所述目标选择资源信息。The resource information with the highest value of the security evaluation result is selected as the target resource information, and the resource information with the second priority as the optimal resource selection factor is selected from the resource information to be selected. 根据权利要求9或10所述的计算信息获取方法,所述方法还包括以下的一项或多项:The computational information acquisition method according to claim 9 or 10 further includes one or more of the following: 依据所述待选择资源信息所对应的安全评价结果的数值由高至低的排列顺序,对多组所述待选择资源信息进行排序;Based on the numerical order of the security evaluation results corresponding to the resource information to be selected, from high to low, the multiple sets of resource information to be selected are sorted. 依据为第二优先级的所述资源选择因素所对应的数值由高至低的排列顺序,对所述安全评价结果的数值最高的所述待选择资源信息进行排序。Based on the numerical order of the resource selection factors with the second priority from high to low, the resource information to be selected with the highest value of the security evaluation result is sorted. 根据权利要求8所述的计算信息获取方法,其中,根据所述第一计算任务的资源选择策略信息和所述安全评价结果,获得用于执行所述计算任务的目标计算资源和目标计算方法,包括:According to the computational information acquisition method of claim 8, obtaining the target computational resources and target computational method for executing the computational task based on the resource selection strategy information of the first computational task and the security evaluation result includes: 在根据所述资源选择因素的优先级,确定所述资源选择因素中的第一资源选择因素的优先级为第一优先级,且所述第一资源选择因素并非为安全性因素的情况下,依据所述第一资源选择因素所对应的数值由高至低的排列顺序,对所述计算资源进行排序,获得最优的所述计算资源;If the priority of the first resource selection factor is determined to be the first priority based on the priority of the resource selection factors, and the first resource selection factor is not a security factor, the computing resources are sorted according to the numerical order of the first resource selection factor from high to low to obtain the optimal computing resources. 根据最优的所述计算资源所对应的安全评价结果,确定用于执行所述第一计算任务的目标计算资源和目标计算方法。Based on the security evaluation results corresponding to the optimal computing resources, the target computing resources and target computing methods for performing the first computing task are determined. 根据权利要求12所述的计算信息获取方法,其中,根据最优的所述计算资源所对应的安全评价结果,确定用于执行所述第一计算任务的目标计算资源和目标计算方法,包括:According to the computational information acquisition method of claim 12, determining the target computational resource and target computational method for performing the first computational task based on the security evaluation result corresponding to the optimal computational resource includes: 根据所述资源选择因素的优先级,依次将所述第一优先级之后的下一个优先级的资源选择因素作为第二资源选择因素;Based on the priority of the resource selection factors, the resource selection factor with the next highest priority after the first priority is selected as the second resource selection factor. 在所述第二资源选择因素并非为安全性因素的情况下,依据所述第二资源选择因素所对应的数值由高至低的排序顺序,对上次排序所获得的最优的所述计算资源进行排序;在所述第二资源选择因素为安全性因素的情况下,依据相对应的所述安全评价结果的数值由高至低的排列顺序,将上次排序所获得的最优的所述计算资源分别和对应的计算方法相组合后进行排序,获得最优的待选择资源信息;If the second resource selection factor is not a security factor, the optimal computing resources obtained in the previous sorting are sorted according to the numerical order of the second resource selection factor from high to low. If the second resource selection factor is a security factor, the optimal computing resources obtained in the previous sorting are combined with the corresponding calculation methods and sorted according to the numerical order of the corresponding security evaluation results from high to low to obtain the optimal candidate resource information. 在完成依据每一优先级的所述资源选择因素的排序后,选择最优的所述待选择资源信息中的计算资源为所述目标计算资源,以及所述待选择资源信息中的计算方法为所述目标计算方法。After sorting the resource selection factors according to each priority, the optimal computing resource in the candidate resource information is selected as the target computing resource, and the computing method in the candidate resource information is selected as the target computing method. 一种计算信息获取装置,包括:A computational information acquisition device, comprising: 信息获取模块,用于获取至少一计算资源的第一指标信息,以及获取对应每一所述计算资源采用的计算方法的第二指标信息;The information acquisition module is used to acquire first indicator information of at least one computing resource, and to acquire second indicator information of the computing method used for each computing resource. 第一确定模块,用于根据所述第一指标信息和所述第二指标信息,获得每一所述计算资源对应不同所述计算方法的安全评价结果;The first determining module is used to obtain the security evaluation results of different computing methods corresponding to each computing resource based on the first indicator information and the second indicator information. 第二确定模块,用于根据所述安全评价结果,获得所述至少一计算资源和对应的所述计算方法中,用于执行第一计算任务的目标计算资源和目标计算方法。The second determining module is used to obtain, based on the security evaluation result, the target computing resource and the target computing method used to perform the first computing task from among the at least one computing resource and the corresponding computing method. 一种网络设备,包括处理器、存储器及存储在所述存储器上并可在所述处理器上运行的程序,所述程序被所述处理器执行时实现如权利要求1至13任一项所述的计算信息获取方法。A network device includes a processor, a memory, and a program stored in the memory and executable on the processor, wherein the program, when executed by the processor, implements the computational information acquisition method as described in any one of claims 1 to 13. 一种可读存储介质,所述可读存储介质上存储有程序,所述程序被处理器执行时实现如权利要求1至13任一项所述计算信息获取方法中的步骤。A readable storage medium storing a program that, when executed by a processor, implements the steps of the computational information acquisition method as described in any one of claims 1 to 13. 一种计算机程序产品,包括计算机指令,所述计算机指令被处理器执行时实现如权利要求1至13任一项所述计算信息获取方法中的步骤。A computer program product includes computer instructions that, when executed by a processor, implement the steps of the computational information acquisition method as described in any one of claims 1 to 13.
PCT/CN2025/087030 2024-05-08 2025-04-03 Computing information acquisition method and apparatus, and device and medium Pending WO2025232412A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202410562039.6 2024-05-08
CN202410562039.6A CN118797652A (en) 2024-05-08 2024-05-08 Computational information acquisition method, device, equipment and medium

Publications (1)

Publication Number Publication Date
WO2025232412A1 true WO2025232412A1 (en) 2025-11-13

Family

ID=93022567

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2025/087030 Pending WO2025232412A1 (en) 2024-05-08 2025-04-03 Computing information acquisition method and apparatus, and device and medium

Country Status (2)

Country Link
CN (1) CN118797652A (en)
WO (1) WO2025232412A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN121277792A (en) * 2025-12-03 2026-01-06 北京九章云极科技有限公司 Computing power metering method and device based on multidimensional performance indexes for intelligent computing center cloud platform

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN118797652A (en) * 2024-05-08 2024-10-18 中国移动通信有限公司研究院 Computational information acquisition method, device, equipment and medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110202657A1 (en) * 2010-02-12 2011-08-18 Elitegroup Computer Systems Co., Ltd. Method for scheduling cloud-computing resource and system applying the same
CN102495978A (en) * 2011-11-09 2012-06-13 南京邮电大学 Computing method for reliability index of task executive and task execution point in open computing environment
CN116017571A (en) * 2022-12-14 2023-04-25 南京航空航天大学 Multi-agent risk-aware security computing method based on federated reinforcement learning
CN116582949A (en) * 2023-05-29 2023-08-11 东南大学 A Resource Scheduling Method Integrating Security Decision-Making and Computing Acceleration
CN118797652A (en) * 2024-05-08 2024-10-18 中国移动通信有限公司研究院 Computational information acquisition method, device, equipment and medium

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110202657A1 (en) * 2010-02-12 2011-08-18 Elitegroup Computer Systems Co., Ltd. Method for scheduling cloud-computing resource and system applying the same
CN102495978A (en) * 2011-11-09 2012-06-13 南京邮电大学 Computing method for reliability index of task executive and task execution point in open computing environment
CN116017571A (en) * 2022-12-14 2023-04-25 南京航空航天大学 Multi-agent risk-aware security computing method based on federated reinforcement learning
CN116582949A (en) * 2023-05-29 2023-08-11 东南大学 A Resource Scheduling Method Integrating Security Decision-Making and Computing Acceleration
CN118797652A (en) * 2024-05-08 2024-10-18 中国移动通信有限公司研究院 Computational information acquisition method, device, equipment and medium

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN121277792A (en) * 2025-12-03 2026-01-06 北京九章云极科技有限公司 Computing power metering method and device based on multidimensional performance indexes for intelligent computing center cloud platform

Also Published As

Publication number Publication date
CN118797652A (en) 2024-10-18

Similar Documents

Publication Publication Date Title
US20240427686A1 (en) Methods and systems for determining system capacity
WO2025232412A1 (en) Computing information acquisition method and apparatus, and device and medium
US11227232B2 (en) Automatic generation of training data for anomaly detection using other user's data samples
US9785792B2 (en) Systems and methods for processing requests for genetic data based on client permission data
CN112640388B (en) Suspicious Activity Detection in Computer Networks
RU2454714C1 (en) System and method of increasing efficiency of detecting unknown harmful objects
US9811391B1 (en) Load balancing and conflict processing in workflow with task dependencies
US11481659B1 (en) Hyperparameter optimization using fairness constraints
WO2021068513A1 (en) Abnormal object recognition method and apparatus, medium, and electronic device
US10594579B2 (en) System monitoring device
CN109472312B (en) Application program evaluation method, device, computer equipment and storage medium
CN108874324B (en) An access request processing method, apparatus, device and readable storage medium
CN110838031A (en) A data operation method and device based on ABtest
WO2020087758A1 (en) Abnormal traffic data identification method, apparatus, computer device, and storage medium
RU2743898C1 (en) Method for performing tasks
CN107465627A (en) Overload protection method, device, electronic equipment and flow processing system
WO2023093194A1 (en) Cloud monitoring method and cloud management platform
Kavitha et al. Performance analysis of ACO‐based improved virtual machine allocation in cloud for IoT‐enabled healthcare
CN102203730B (en) Open application programming interface selection method and device
CN105991596A (en) Access control method and system
CN115829064B (en) Federal learning acceleration method, device, equipment and storage medium
WO2024060767A1 (en) Anomaly detection method and related apparatus
WO2015192668A1 (en) Evaluation processing method and device for voice service
CN113656046B (en) Application deployment method and device
CN110351345B (en) Method and device for processing service request

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 25808886

Country of ref document: EP

Kind code of ref document: A1