多接取邊緣運算(Multi-access Edge computing, MEC)是行動通訊中的邊緣運算框架。近年因行動網路技術的發展，網路使用者擴展至智慧工廠、AR/VR、自駕車等各式應用。然而巨大的網路流量流經骨幹網路將會影響系統效能以及新興應用如自駕車對於反應延遲要求更敏感，僅透過雲端運算技術將無法解決上述問題。因此可以透過多接取邊緣運算技術將計算、儲存、分析任務從雲端卸載至邊緣，解決長距離通訊的高延遲問題以及緩解核心網流量負擔。除此之外，過往使用的安全傳輸機制消耗較多計算及傳輸成本，若將相同機制應用在資源受限的邊緣裝置則需要更長運算時間，如此一來削弱邊緣運算在延遲上帶來的優勢。

本論文研究以提供安全傳輸給延遲敏感的應用為目標，首先實作符合歐洲電信標準協會(European Telecommunications Standards Institute, ETSI)規範之多接取邊緣運算實驗平台；接著以較輕量化的橢圓曲線密碼學、雜湊及互斥或運算設計雙向認證機制設計，使裝置端及邊緣伺服器端皆能驗證彼此身分；最後結合Linux核心模組KTLS實作對稱式加解密傳輸。根據實驗結果顯示本研究提出之方法能減少傳輸及計算成本，並且較憑證認證方法使用較少的認證時間。

Multi-access Edge Computing (MEC) is a computing framework in mobile communications. Recently, mobile users have expended to many applications such as smart factories, AR/VR, and self-driving cars. However, the increasing network traffic impact the backbone network in a bad manner and will cause delay sensitive services such as self-driving cars a big challenge. Therefore, the MEC framework can bring extra computing, storage, and analysis tasks, solving the high latency problem of long-distance communication and mitigating the traffic burden of the core network.

In this thesis, a low latency and lightweight mutual authentication scheme between User Equipment (UE) and MEC server is proposed. By using lightweight cryptographic operations such hash, XOR, and elliptic curve key generation functions, UE and MEC server can authenticate each other. After the authentication process complete, UE and MEC server share same session key, which is used to do symmetric encryption and decryption for data transmission. The experiment result shows that the proposed scheme reduces 47.57% of time to authenticate and transmit data securely.

[1] “ITU towards “IMT for 2020 and beyond,” [Online], Available: https://www.itu.int/en/ITU-R/study-groups/rsg5/rwp5d/imt-2020/Pages/default.aspx. [Accessed: 13-Aug-2022]
[2] Y. C. Hu, M. Patel, D. Sabella, N. Sprecher, and V. Young,“ Mobile Edge Computing A key technology towards 5G,” ETSI White Paper, no. 11, 2015.
[3] “UERANSIM,” [Online], Available: https://github.com/aligungr/UERANSIM. [Accessed: 27-Jun-2022].
[4] “Free5GC,” [Online], Available: https://www.free5gc.org/. [Accessed: 27-Jun-2022]
[5] “TR 21.915 V15.0.0.0,” 3GPP, 2019.
[6] “MEC 003 V2.2.1,” ETSI GS, 2020.
[7] M. Dworkin, “Recommendation for Block Cipher Modes of Operation: Methods and Techniques”, NIST, 2001.
[8] M. Dworkin, “Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC”, NIST, 2007.
[9] “RFC 2246 - The Transport Layer Security (TLS) Protocol Version 1.0,” IETF, 1999.
[10] “RFC 4346 - The Transport Layer Security (TLS) Protocol Version 1.1,” IETF, 2006.
[11] “RFC 5246 - The Transport Layer Security (TLS) Protocol Version 1.2,” IETF, 2008.
[12] “RFC 8446 - The Transport Layer Security (TLS) Protocol Version 1.3,” IETF, 2018.
[13] E. Barker, “Recommendation for Key Management: Part 1 – General”, NIST, 2020.
[14] C. Y. Li, Y. D. Lin, Y. C. Lai, H. T. Chien, Y. S. Huang, and H. Y. Liu. “Transparent AAA Security Design for Low-Latency MEC-Integrated Cellular Networks,” IEEE Transactions on Vehicular Technology, vol. 69, no. 3, pp. 3231-3243, 2020.
[15] S. Zhang and J. H. Lee, “A Group Signature and Authentication Scheme for Blockchain-Based Mobile-Edge Computing,” IEEE Internet of Things Journal, vol. 7, no. 5, pp. 4557-4565, 2020.
[16] J. L. Tsai and N. W. Lo, “A Privacy-Aware Authentication Scheme for Distributed Mobile Cloud Computing Services,” IEEE Systems Journal, vol. 9, no. 3, pp. 805-815, 2015.
[17] Q. Jiang, J. Ma, and F. Wei, “On the security of a privacy-aware authentication scheme for distributed mobile cloud computing services,” IEEE System Journal, vol. 12, no. 2, pp. 2039-2042, 2018.
[18] A. Irshad, M. Sher, H. F. Ahmad, B. A. Alzahrani, S. A. Chaudhry, and R. Kumar, “An improved Multi-server Authentication Scheme for Distributed Mobile Cloud Computing Services,” KSII Transactions on Internet and Information Systems, vol. 10, no. 12, pp. 5529-5552, 2016.
[19] X. Li, S. Liu, F. Wu, S. Kumari, and J. J. P. C. Rodrigues, “Privacy Preserving Data Aggregation Scheme for Mobile Edge Computing Assisted IoT Applications,” IEEE Internet of Things Journal, vol. 6, no. 3, pp. 4755-4763, 2019.
[20] A. Esfahani, G. Mantas, R. Matischek, F. B. Saghezchi, J. Rodriguez, A. Bicaku, S. Maksuti, M. G. Tauber, C. Schmittner, and J. Bastos, “A Lightweight Authentication Mechanism for M2M Communications in Industrial IoT Environment,” IEEE Internet of Things Journal, vol. 6, no. 1, pp. 288-296, 2019.
[21] F. Wang, Y. Xu, L. Zhu, X. Du, and M. Guizani, “LAMANCO: A Lightweight Anonymous Mutual Authentication Scheme for N -Times Computing Offloading in IoT,” IEEE Internet of Things Journal, vol. 6, no. 3, pp. 4462-4471, 2019.
[22] K. Kaur, S. Garg, G. Kaddoum, M. Guizani, and D. N. K. Jayakody, “A Lightweight and Privacy-Preserving Authentication Protocol for Mobile Edge Computing,” 2019 IEEE Global Communications Conference, 2019.
[23] X. Jia, D. He, N. Kumar, and K. R. Choo, “A Provably Secure and Efficient Identity-Based Anonymous Authentication Scheme for Mobile Edge Computing,” IEEE Systems Journal, vol. 14, no. 1, pp. 560-571, 2020.
[24] Y. Li, Q. Cheng, X. Liu, and X. Li, “A Secure Anonymous Identity-Based Scheme in New Authentication Architecture for Mobile Edge Computing,” IEEE Systems Journal, vol. 15, no. 1, pp. 935-946, 2021.
[25] J. Jiang X. Hu, Z. Ning, E. C. H. Ngai, L. Zhou, J. Wei, J. Cheng, and B. Hu, “Energy-Latency Tradeoff for Energy-Aware Offloading in Mobile Edge Computing Networks,” IEEE Internet of Things Journal, Vol. 5, no 4, pp. 2633-2645, 2018.
[26] J. Hwang L. Nkenyereye, N. Sung, J. Kim, and J. Song, “IoT Service Slicing and Task Offloading for Edge Computing,” IEEE Internet of Things Journal, Vol. 8, no. 14, pp. 11526-11547, 2021.
[27] H. Guo, J. Liu, J. Zhang, W. Sun, and N. Kato, “Mobile-Edge Computation Offloading for Ultradense IoT Networks,” IEEE Internet of Things Journal, Vol. 5, no. 6, pp. 4977-4988, 2018.
[28] Z. Ning P. Dong, X. Kong, and F. Xia, “A Cooperative Partial Computation Offloading Scheme for Mobile Edge Computing Enabled Internet of Things,” IEEE Internet of Things Journal, Vol. 6, no. 3, pp. 4804-4814, 2019.
[29] S. Hu and G. Li, “Dynamic Request Scheduling Optimization in Mobile Edge Computing for IoT Applications,” IEEE Internet of Things Journal, vol. 7, no. 2, pp. 1426-1437, 2020.
[30] Y. D. Lin, Y. C. Lai, J. X. Huang, and H. T. Chien, “Three-Tier Capacity and Traffic Allocation for Core, Edges, and Devices for Mobile Edge Computing,” IEEE Transactions on Network and Service Management, Vol. 15, no. 3, pp. 923-933, 2018.
[31] N. Kherraf, H. A. Alameddine, S. Sharafeddine, C. M. Assi, and A. Ghrayeb, “Optimized Provisioning of Edge Computing Resources With Heterogeneous Workload in IoT Networks, ”IEEE Transactions on Network and Service Management, Vol. 16, no. 2, pp. 459-474, 2019.
[32] J. Janković, Z. Ilić, A. Oračević, S. M. A. Kazmi, and R. Hussain, “Effects of Differentiated 5G Services on Computational and Radio Resource Allocation Performance,” IEEE Transactions on Network and Service Management, Vol. 18, no. 2, pp. 2226-2241, 2021.
[33] C. F. Liu, M. Bennis, M. Debbah, and H. V. Poor, “Dynamic Task Offloading and Resource Allocation for Ultra-Reliable Low-Latency Edge Computing,” IEEE Transactions on Communications, Vol. 67, no. 6, pp. 4132-4150, 2019.
[34] D. Han, W. Chen, and Y. Fang, “Joint Channel and Queue Aware Scheduling for Latency Sensitive Mobile Edge Computing With Power Constraints,” IEEE Transactions on Wireless Communications, vol. 19, no. 6, pp. 3938-3951, 2020.
[35] “Kernel TLS,” [Online], Available: https://docs.kernel.org/networking/tls.html. [Accessed: 27-Jun-2022]
[36] “Proxmox,” [Online], Available: https://www.proxmox.com/en/. [Accessed: 27-Jun-2022]
[37] “WolfSSL,” [Online], Available: https://www.wolfssl.com/. [Accessed: 27-Jun-2022]
[38] “Wireshark,” [Online], Available: https://www.wireshark.org/. [Accessed: 27-Jun-2022]