计算机工程与应用2017,Vol.53Issue(23):67-71,5.DOI:10.3778/j.issn.1002-8331.1606-0006
基于多核处理器的IPSec VPN系统安全策略检索研究
Security policy searching method research of IPSec VPN based on multi-core network processor
摘要
Abstract
In order to meet the security requirements of modern high bandwidth Internet application environment, an IPSec VPN architecture based on Tilera GX36 multi-core network processor is proposed, and program function modules of control plane and data plane are designed according to SDN architecture to achieve flexible security control on network traffic. To meet the security strategy retrieval performance requirement, a three-level security policy flow-table structure based on Hash algorithm is put forward, and a security policy search method is designed using security association flow-table cached on tile CPUs as fast retrieval data source. The test results show that the system can achieve the processing performance in 40 Gb/s Internet applications under the typical short, medium and long package-length circumstance.关键词
多核网络处理器/TileraGX36/IPSecVPN/安全策略检索Key words
multi-core network processor/Tilera GX36/IPSec VPN/security policy search分类
信息技术与安全科学引用本文复制引用
陈亮,王建,赵勇..基于多核处理器的IPSec VPN系统安全策略检索研究[J].计算机工程与应用,2017,53(23):67-71,5.基金项目
陕西省工业攻关计划(No.2014K05-43) (No.2014K05-43)
陕西省教育厅专项科研计划(No.14JK1310) (No.14JK1310)
西安市技术转移促进工程项目(No.CXY1439(1)). (No.CXY1439(1)
