With the widespread adoption of edge computing and the growing deployment of deep learning models in such environments, the security risks and privacy threats to both models and data have become more acute. Attackers can use a variety of techniques to obtain models illegitimately or to misuse data, leading to intellectual property infringement and privacy breaches. Existing model access control relies mainly on conventional encryption and authentication; these approaches have significant limitations in flexibility and adaptability in dynamic edge environments. Model watermarking has advanced the marking of model ownership, but it remains limited in its ability to protect intellectual property proactively and to prevent unauthorized use. To address these challenges, we propose a model access control method tailored to edge computing environments. The method uses image style as the licensing mechanism: style recognition is embedded in the model's own operation, so that access control is intrinsic to the model rather than enforced by an external wrapper. A model deployed on an edge platform is therefore designed to produce correct inferences only on licensed inputs rendered in a specific style, and to be ineffective on any other input. By restricting which inputs the edge model will serve, the approach both prevents attackers from making unauthorized use of the model and improves the privacy of data held on terminal devices. Extensive experiments on benchmark datasets, including MNIST, CIFAR-10, and FACESCRUB, show that the method effectively prevents unauthorized use of the model while preserving accuracy on licensed data. The model is also strongly resistant to attacks such as forged licenses and fine-tuning. Together these results demonstrate the method's usability, security, and robustness.
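The abstract describes the mechanism only at a high level: a model that classifies correctly when its input carries a secret style and behaves uselessly otherwise. The following is an added toy example written for this page, not the paper's code, and it fixes several details the abstract leaves open: the "image" is a flat 16-dimensional vector; the license style is a secret per-pixel affine transform (gain and offset) derived from a key; and the training objective drives licensed-style inputs to their true labels while driving plain inputs and a few decoy styles to a uniform (uninformative) output. The class means, keys, and decoy strategy are all constructed assumptions for the example. It runs offline with numpy alone and reports accuracy and confidence on licensed, plain, and forged-style test inputs.

```python
"""Toy style-as-license access control for an edge classifier (added example).

Assumptions, not taken from the abstract:
  - an "image" is a flat 16-dim vector; the license style is a secret per-pixel
    gain/offset derived from a license key (style_params);
  - training maps licensed-style inputs to true labels and plain inputs plus a
    few decoy styles to a uniform distribution, so unlicensed inputs yield
    nothing useful. Class means and keys are constructed constants.
"""
import numpy as np

D, K, H = 16, 3, 32            # input dims, classes, hidden units
N_PER_CLASS = 100
LICENSE_KEY, FORGED_KEY = 2024, 7   # constructed keys; forged != license
CLASS_MEANS = np.random.default_rng(123).normal(size=(K, D))  # constructed data


def make_dataset(means, rng, n_per_class=N_PER_CLASS):
    """Constructed synthetic content: K Gaussian clusters in R^D (plain data)."""
    xs = np.concatenate([m + 0.3 * rng.normal(size=(n_per_class, D)) for m in means])
    ys = np.repeat(np.arange(K), n_per_class)
    return xs, ys


def style_params(key):
    """Derive the secret 'style' (per-pixel gain and offset) from a license key."""
    r = np.random.default_rng(key)
    return r.uniform(0.5, 1.5, size=D), r.normal(size=D)


def apply_style(x, key):
    gain, offset = style_params(key)
    return x * gain + offset


def softmax(z):
    z = z - z.max(axis=1, keepdims=True)
    e = np.exp(z)
    return e / e.sum(axis=1, keepdims=True)


class StyleLicensedMLP:
    """D -> H -> K ReLU network whose access control is part of its weights."""

    def __init__(self, rng):
        self.W1 = rng.normal(size=(D, H)) * np.sqrt(2 / D)   # He init
        self.b1 = np.zeros(H)
        self.W2 = rng.normal(size=(H, K)) * np.sqrt(2 / H)
        self.b2 = np.zeros(K)

    def forward(self, x):
        h = np.maximum(0, x @ self.W1 + self.b1)
        return h, softmax(h @ self.W2 + self.b2)

    def fit(self, x, target, epochs=1500, lr=0.3):
        """Full-batch gradient descent on cross-entropy against soft targets."""
        n = len(x)
        for _ in range(epochs):
            h, p = self.forward(x)
            g2 = (p - target) / n                 # dL/dlogits for soft-target CE
            gW2, gb2 = h.T @ g2, g2.sum(axis=0)
            gh = (g2 @ self.W2.T) * (h > 0)       # ReLU gate
            gW1, gb1 = x.T @ gh, gh.sum(axis=0)
            self.W1 -= lr * gW1
            self.b1 -= lr * gb1
            self.W2 -= lr * gW2
            self.b2 -= lr * gb2


def train_licensed_model(seed=0, n_decoys=4):
    """Licensed style -> labels; plain data and decoy styles -> uniform output."""
    rng = np.random.default_rng(seed)
    x, y = make_dataset(CLASS_MEANS, rng)
    onehot = np.eye(K)[y]
    uniform = np.full((len(x), K), 1.0 / K)
    decoy_keys = rng.integers(10_000, 1_000_000, size=n_decoys)  # never the license key
    xs = [apply_style(x, LICENSE_KEY), x] + [apply_style(x, k) for k in decoy_keys]
    ts = [onehot, uniform] + [uniform] * n_decoys
    model = StyleLicensedMLP(rng)
    model.fit(np.concatenate(xs), np.concatenate(ts))
    return model


def evaluate(model, seed=1):
    """Accuracy and mean top-class probability on fresh licensed/plain/forged inputs."""
    rng = np.random.default_rng(seed)
    x, y = make_dataset(CLASS_MEANS, rng)
    cases = {"licensed": apply_style(x, LICENSE_KEY),
             "plain": x,
             "forged": apply_style(x, FORGED_KEY)}
    results = {}
    for name, inp in cases.items():
        probs = model.forward(inp)[1]
        results[name] = {"acc": float((probs.argmax(axis=1) == y).mean()),
                         "confidence": float(probs.max(axis=1).mean())}
    return results


if __name__ == "__main__":
    for name, r in evaluate(train_licensed_model()).items():
        print(f"{name:9s} accuracy={r['acc']:.3f}  mean max-prob={r['confidence']:.3f}")
```

Two points for a practitioner. First, "ineffective" is best measured by both accuracy and confidence on unlicensed inputs: a model trained toward a uniform output should sit near 1/K on both, and a high-confidence wrong answer would be a sign that the access control is leaking class information. Second, the forged-style row is only reported here; how a model behaves on a style it never saw is precisely the empirical question the abstract's forged-license experiment addresses, and in this toy the decoy styles are the only thing encouraging the network to reject unseen styles. Since anything that can reproduce the style transform holds the license, the style parameters need the same handling as a key.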