Dynamic trusted edge gateway for industrial terminals based on classification and hierarchical management and its implementation method

What is claimed is: 1 . A dynamic trusted edge gateway for industrial terminals based on classification and hierarchical management, comprising: an information collection module; a local cache module; an identity collaboration module; a multi-point deployment support module; a security event log collaboration module; a trust evaluation result receiving module; and a security policy execution module; wherein the information collection module is configured to establish a connection with the industrial terminals, collect a multi-dimension information of the industrial terminals, and transmit the multi-dimension information to the local cache module and the trust evaluation result receiving module; wherein the multi-dimension information comprises internet of things (IoT) connectivity status, embedded operating system version, application software version, software license validity period, hardware configuration information, hardware version, network address and communication protocol; the security event log collaboration module is configured to perform information exchange and event sharing with an industrial control security device and an industrial IoT security device to obtain an exchanged information, and transmit the exchanged information to the trust evaluation result receiving module, so as to evaluate a trust degree and a security degree of the industrial control security device and the industrial IoT security device; the identity collaboration module is configured to interact with a cloud control center to obtain a classification and hierarchical information of the industrial terminals and synchronously update the classification and hierarchical information to the trust evaluation result receiving module; the multi-point deployment support module is configured to interact with the cloud control center, and enable interaction and information synchronization in a case that a plurality of dynamic trusted edge gateways are deployed, so as to allow the plurality of dynamic trusted edge gateways to work collaboratively and maintain the multi-dimension information and a security policy; the local cache module is configured to receive the multi-dimension information collected by the information collection module, and store a predetermined classification and hierarchical information; wherein the predetermined classification and hierarchical information comprises security level, authorized access scope, and trust score of each of the industrial terminals; the trust evaluation result receiving module is configured to report the trust score of each of the industrial terminals to the cloud control center, and receive an updated dynamic trust result from the cloud control center, so as to achieve dynamic authorization management of the industrial terminals; wherein the cloud control center is configured to determine whether a real-time trust score of each of the industrial terminals is within a security range, and update a trust credential and an access control level of each of the industrial terminals to obtain and transmit the updated dynamic trust result to the trust evaluation result receiving module; and the security policy execution module is configured to execute a security policy; wherein the security policy comprises access control, traffic monitoring and security event response of the industrial terminals, perform access authorization for the industrial terminals based on updated multi-dimension information and an authorization policy, monitor behavior and traffic of the industrial terminals, and respond to security events of the industrial terminals. 2 . A method for implementing the dynamic trusted edge gateway of claim 1 , comprising: (S 1 ) performing classification and hierarchical management on the industrial terminals based on a preset classification and hierarchical template, wherein the preset classification and hierarchical template comprises static identity factor-based classification and security level-based hierarchical management; (S 2 ) actively establishing, by the information collection module, a connection with the industrial terminals; and collecting, by the information collection module, multi-dimension information of the industrial terminals; (S 3 ) obtaining, by the identity collaboration module, the classification and hierarchical information from the cloud control center and a trusted access to an application resource of an industrial cloud platform; performing, by the identity collaboration module, synchronous access authorization for the industrial terminals; establishing, by the identity collaboration module, a communication connection with the industrial cloud platform or a security proxy of the industrial cloud platform; (S 4 ) monitoring and obtaining, by the information collection module, a dynamic information of the industrial terminals in real time; performing, by the information collection module, comprehensive assignment on the dynamic information of the industrial terminals to obtain an initial comprehensive trust score; generating, by the trust evaluation result receiving module, a final comprehensive trust score of each of the industrial terminals based on the initial comprehensive trust score and a security event log from the industrial control security device and the industrial IoT security device; and uploading, by the identity collaboration module, the final comprehensive trust score to the cloud control center; and (S 5 ) determining, by the cloud control center, whether the final comprehensive trust score of each of the industrial terminals is within the security range based on a trust score range, wherein the trust score range is determined by class and grade of each of the industrial terminals; updating, by the cloud control center, the trust credential and the access control level of each of the industrial terminals; and transmitting, by the cloud control center, the updated dynamic trust result to the identity collaboration module and the security policy execution module, so as to achieve dynamic edge trust control. 3 . The method of claim 2 , wherein the industrial terminals comprise an industrial control system, a production device, an industrial IoT sensor and an industrial access terminal. 4 . The method of claim 2 , wherein in step (S 1 ), a static identity factor comprises attribute and function of the industrial terminals, and cloud-enabled application type, access method and interactive data flow type of the industrial cloud platform; and five security levels are set, respectively unauthorized access, authenticated access, limited access, controlled access and managed access. 5 . The method of claim 2 , wherein in step (S 2 ), the multi-dimension information comprises IoT connectivity status, embedded operating system version, application software version, software license validity period, hardware configuration information, hardware version, network address, network port, and communication protocol and version information. 6 . The method of claim 2 , wherein in step (S 4 ), the dynamic information comprises network connection quality, session status of the industrial terminals, traffic type and volume, cloud application access type, interface calling frequency, status of published and subscribed message queues, data access type, and read or write frequency. 7 . The method of claim 2 , wherein in step (S 4 ), the initial comprehensive trust score is obtained through steps of: determining a significance of each of a plurality of dynamic indicators of usage status of the industrial terminals to a trust level of the industrial terminals based on a feature F, a historical behavior H and an impact range R of each of the plurality of dynamic indicators, expressed as: I i =f ( F i ,H i ,R