Journal on Communications (通信学报), 2024, Vol. 45, Issue (7): 101-116, 16. DOI: 10.11959/j.issn.1000-436x.2024060
Zero trust management of data flow between IoT edge nodes based on SDN
Abstract
To address the lack of effective means for detecting and localizing malicious nodes on the data flow transmission link in the Internet of things (IoT), a zero trust management method for data flow between IoT edge nodes based on software defined network (SDN) was proposed. The method applied the SDN architecture to the process of data flow transmission between edge nodes. A fixed-length header overhead was used for zero trust management of data flows, nodes, and paths to achieve lightweight packet forwarding verification and malicious node localization. On the forwarding path, the switching nodes performed security verification of packets, and the verification information was counted to ensure the security of the data flow transmission and the consistency of the path. Based on the type of abnormal packets, the controller adopted a dichotomous method to mark the switching node that performed the verification operation, gradually narrowing down the scope of malicious nodes, and realized the localization of multiple types of malicious nodes. Finally, the proposed method was simulated and evaluated. The experimental results show that the method introduces a forwarding delay of less than 10% and a throughput loss of less than 8%.
Key words
Internet of things / software defined network / zero trust management / anomaly detection / anomaly location
Classification
Information technology and security science
Cite this article
XIAO Jingxu, GUO Yuanbo, CHANG Chaowen, WU Ping, YANG Chenli. Zero trust management of data flow between IoT edge nodes based on SDN [J]. Journal on Communications, 2024, 45(7): 101-116, 16.
Funding
Henan Provincial Science and Technology Research Project (No.222102210070)
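The dichotomous localization step described in the abstract, sketched as an added example (not code from the paper or its authors). It models one anomaly type only, payload tampering by a single switch, and assumes an HMAC-based 8-byte header, an honest report from the marked switch, and the hypothetical names `make_tag`, `probe` and `localize`.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # assumption: verification key provisioned by the controller


def make_tag(payload: bytes) -> bytes:
    """Fixed-length (8-byte) verification header carried with the packet."""
    return hmac.new(KEY, payload, hashlib.sha256).digest()[:8]


def probe(path, tamperer, verifier: int) -> bool:
    """Send one test packet; the node at index `verifier` checks the tag on arrival.

    Index len(path) stands for the destination edge node.
    Assumption: the marked node reports its result honestly.
    Returns True when the check passes.
    """
    payload = b"sensor-reading:21.5"  # constructed sample payload
    header = make_tag(payload)
    for switch in path[:verifier]:  # switches traversed before the verifier
        if switch == tamperer:
            payload += b"\x00"  # constructed tampering behaviour
    return hmac.compare_digest(make_tag(payload), header)


def localize(path, tamperer):
    """Controller side: bisect the path, marking one verifier per round.

    Invariant: the check at `lo` passes and the check at `hi` fails,
    so the tampering switch has an index in [lo, hi - 1].
    Returns (suspect switch or None, number of probes sent).
    """
    lo, hi = 0, len(path)
    probes = 1
    if probe(path, tamperer, hi):  # destination check passes: no anomaly
        return None, probes
    while hi - lo > 1:
        mid = (lo + hi) // 2
        probes += 1
        if probe(path, tamperer, mid):
            lo = mid  # packet still intact on arrival at mid
        else:
            hi = mid  # packet already altered before mid
    return path[lo], probes
```

On an 8-switch path the suspect is isolated with one destination check plus three marked-switch probes, instead of enabling verification on every hop.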