通信学报2018,Vol.39Issue(2):31-42,12.DOI:10.11959/j.issn.1000-436x.2018022
基于密码标识的SDN安全控制转发方法
SDN security control and forwarding method based on cipher identification
摘要
Abstract
Aimed at the limited matching fields and the lack of effective data source authentication mechanism in the software defined networking (SDN), a SDN security control forwarding method based on cipher identification was pro-posed. First, the cipher identification was generated according to the user identity, file attributes or business content and other characteristics, and the data stream was marked by the cipher identification and signed with the private key based on the cipher identification. Then, when the data stream entered and left the network, the forwarding device verified its signature to ensure the authenticity of the data. At the same time, the cipher identification was designed as a matching item recognized by the forwarding device, and the network forwarding behavior was defined based on the cipher identi-fication, so a fine-grained network control capability could be formed based on people, things, and business flow. Finally, the validity of the method is verified by experimental analysis.关键词
软件定义网络/密码标识/安全控制转发/流表匹配Key words
software defined networking/cipher identification/security control and forwarding/flow table matching分类
信息技术与安全科学引用本文复制引用
秦晰,唐国栋,常朝稳..基于密码标识的SDN安全控制转发方法[J].通信学报,2018,39(2):31-42,12.基金项目
国家自然科学基金资助项目(No. 61572517)Foundation Item: The National Natural Science Foundation of China (No. 61572517) (No. 61572517)
