Method for building and maintaining trust relation between autonomy systems in inter-domain routing system

An autonomous system and trust relationship technology, applied in transmission systems, digital transmission systems, electrical components, etc., can solve problems such as no verification of path attributes, no verification of IP address prefixes, and no statistical data given by the trust model.

Inactive Publication Date: 2011-06-22
THE PLA INFORMATION ENG UNIV
View PDF1 Cites 16 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Because security factors were not considered in the early design, BGP has inherent deficiencies in security: (1) BGP does not provide message integrity, freshness, and identity authentication of peer entities for communication between peers; (2) BGP does not verify whether the AS has the right to announce NLRI, that is, it does not verify the IP address prefix; (3) BGP does not verify whether the path attributes announced by the AS are true
In the existing trust models, the trust model based on fuzzy logic does not g...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for building and maintaining trust relation between autonomy systems in inter-domain routing system
  • Method for building and maintaining trust relation between autonomy systems in inter-domain routing system
  • Method for building and maintaining trust relation between autonomy systems in inter-domain routing system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0065] Embodiment one: see figure 1, the method for establishing and maintaining trust relationship between autonomous systems in the inter-domain routing system of the present invention, its overall process can be divided into four modules: initialization module, routing update data detection result statistics module, trust degree update module based on routing detection, trust Grade Judgment Module.

[0066] The initialization module uses Bayesian estimation theory to define various parameters required to establish a trust relationship, that is, direct trust, indirect trust, trust, statistical trust, trust threshold, and trust reduction, increase rate, and initialize these parameters according to the commercial relationship between adjacent autonomous systems, as the basis for updating the trust degree;

[0067] The statistical results of the routing update data detection results use the method of trust accumulation and step-by-step backtracking to determine whether the rou...

Embodiment 2

[0070] Embodiment two: see Figure 1 to Figure 5 , this embodiment takes the autonomous system AS i and its neighbor autonomous system AS j As an example, further specifically describe the technical solution of the method for establishing and maintaining trust relationships between autonomous systems in the inter-domain routing system of the present invention:

[0071] 1) Initialize the module:

[0072] First, the autonomous system establishes a trust list for each neighboring autonomous system. The list elements include the current direct trust degree, indirect trust degree, trust degree, statistical trust degree, and the trust degree threshold value and the trust degree decrease and increase rate. . Then, at the initial moment, the autonomous system sets the initial value of each parameter required in the trust relationship establishment method according to the commercial relationship with the neighboring autonomous systems and the historical routing data sent. Like rout...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a method for building and maintaining a trust relation between autonomy systems in an inter-domain routing system. The building and maintaining of a trust relation between autonomy systems are completed by the following steps: (1) initialization of parameters, namely defining and initializing the parameters needed to build the trust relation between the autonomy systems; (2) detection for the authenticity of an inter-domain routing message, namely judging whether the received inter-domain routing message conforms to a real network topology or not by the autonomy systems; (3) trust degree update based on a routing detection, namely updating the trust degrees in real time by the autonomy systems according to the detection result of the routing message from the adjacent autonomy system; (4) trust level judgment of the autonomy systems, namely dividing the autonomy systems into low, middle and high trust levels according to the current trust degrees of the autonomy systems, and directly discarding the routing update data packets transmitted by the autonomy systems according to the levels, or detecting the data packets, or directly updating a route list.

Description

technical field [0001] The invention relates to the technical field of communication network security, in particular to a method for establishing and maintaining trust relationships between autonomous systems in an inter-domain routing system based on Bayesian estimation. Background technique [0002] Border Gateway Protocol (BGP) is a routing protocol used to exchange network layer reachability information between routing domains, and is the de facto standard for the interconnection of Autonomous Systems (AS) in the Internet. Because security factors were not considered in the early design, BGP has inherent deficiencies in security: (1) BGP does not provide message integrity, freshness, and identity authentication of peer entities for communication between peers; (2) BGP does not verify whether the AS has the right to announce NLRI, that is, it does not verify the IP address prefix; (3) BGP does not verify whether the path attributes announced by the AS are true. Because o...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/56H04L29/06H04L45/02
Inventor 刘文芬胡学先张建辉程东年魏江宏王伟
Owner THE PLA INFORMATION ENG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap