算力网络数据安全研究报告（2024年）

Industry Overview - The computing power network is a new type of infrastructure that integrates computing resources (CPU, GPU, FPGA) with communication networks, enabling unified perception, orchestration, and scheduling of computing power through a "computing brain" [9] - The global computing power network industry is rapidly developing, with countries like the US and EU investing heavily in supercomputers and edge computing nodes [9][10] - China has established a computing power network service system with sufficient resource reserves, initial scheduling capabilities, and emerging trading models, with a total computing power scale of 246 EFLOPS (FP32) as of June 2024 [126] Key Technologies - Computing power network introduces key technologies such as computing power perception, measurement and modeling, orchestration and scheduling, and network bearing to achieve ubiquitous connection and flexible scheduling of computing resources [59] - Computing power routing, native computing power, and fully scheduled Ethernet are original technological breakthroughs in China's computing power network [114] - SRv6, network slicing, network perception, and deterministic network technologies provide efficient collaborative connections and transmission capabilities for the upper layers [60] Application Scenarios - Computing power network applications can be categorized into life scenarios (VR, cloud gaming, live streaming), industry scenarios (smart transportation, healthcare, IoV), and social scenarios (digital government, platform-based computing power sharing) [36] - The computing power network provides edge, edge cloud, and central cloud computing power services for scenarios like vehicle-road collaboration, enabling low-latency, quasi-real-time, and non-real-time computing power supply [123] Data Security Challenges - The computing power network faces data security risks such as increased exposure due to cross-node, cross-entity, and cross-domain data flow, complex data flow paths, and new risks from network technologies like SRv6 [131][144][125] - The infrastructure layer faces risks from weak computing nodes, inconsistent node security levels, and increased management complexity due to heterogeneous node access [42][158] - The orchestration layer faces risks from unique data resources becoming new attack targets and intelligent orchestration algorithms being vulnerable to data poisoning and model theft [63][77] Data Security Framework - The computing power network data security protection framework includes both management and technical aspects, with management focusing on organizational structure, personnel management, data classification, and permission management [175] - Technical measures are proposed for each layer: infrastructure layer (node data security, network infrastructure security), orchestration layer (orchestration data security, intelligent algorithm security), and operation service layer (user data security, operation data security) [50][65][165] - The framework emphasizes multi-level, multi-strategy comprehensive defense measures, such as path encryption, authentication, integrity verification, network isolation, and traffic monitoring for SRv6 risks [78] Development Recommendations - Accelerate technological innovation by promoting the integration of computing power network technology with security technology, and applying blockchain and privacy computing technologies in the computing power network environment [80] - Enrich integrated applications by encouraging the integration of computing network data security solutions with industry applications in smart finance, transportation, healthcare, and manufacturing [81] - Deepen industry-university-research collaboration to build a computing power network data security ecosystem, promoting international exchanges and cooperation [172]