Unlock instant, AI-driven research and patent intelligence for your innovation.

Method for raising separation map network security

A security and network technology, applied in the field of network communication, can solve problems such as network security threats, achieve the effects of increasing security, saving resources, and reducing the probability of terminal attacks

Inactive Publication Date: 2012-01-04
BEIJING JIAOTONG UNIV
View PDF3 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Attackers can perform port scans or DoS attacks on terminals based on the global reachability of access identifiers, and network security is greatly threatened

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for raising separation map network security
  • Method for raising separation map network security
  • Method for raising separation map network security

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0027] A method for improving the security of a network separating access identifiers and routing identifiers proposed by the present invention includes:

[0028] (1) Classification of terminal access identifiers

[0029] The access identifier of a terminal is divided into an unreachable identifier and a reachable identifier; if the mapping relationship between a terminal's access identifier and a routing identifier can be queried from the mapping system by other terminals (or corresponding access routers), the terminal's The access ID is a reachable access ID, and the terminal can be actively accessed by other terminals; on the contrary, if the mapping relationship between the access ID of a current terminal and the routing ID cannot be mapped by other terminals (or corresponding access routers) from The system obtains that the access identifier of the terminal is an unreachable access identifier, and the terminal cannot be actively accessed by other terminals.

[0030] Usua...

Embodiment 2

[0048] Figure 4 The communication process between the first terminal A and the second terminal S shown in , includes the following steps:

[0049] Step 101: the first terminal A and the second terminal S access the network to register;

[0050] In this embodiment, the type of the access identifier of the first terminal A is an unreachable access identifier, and the type of the access identifier of the second terminal S is a reachable access identifier.

[0051] In this embodiment, the process for the first terminal A to access the network to register is specifically as follows:

[0052] a: The first terminal A accesses the network, and sends a registration message to the first access router AR1, the registration message includes the access identifier and the identifier category of the first terminal A, and the identifier category is an unreachable identifier;

[0053] b: The first access router AR1 checks whether there is a mapping relationship between the access identifier...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method for raising separation map network security, belonging to the network communication technology field. According to the invention, access identification (also called identity identification) in a separation map network is divided into accessible identification and inaccessible identification. If a mapping relation of a terminal from access identification to route identification can be searched by other terminal (or a corresponding access router) in a mapping system, access identification of the terminal is the accessible identification, and the terminal can be accessed by other terminal actively. On the contrary, if the mapping relation of the terminal from the access identification to the route identification can not be searched by other terminal (or a corresponding access router) in the mapping system, the access identification of the terminal is the inaccessible identification, and the terminal can not be accessed by other terminal actively. In addition, a mapping relation of terminal (or a corresponding access router) buffer memory inaccessible identification ensures temporary accessibility of the inaccessible identification, and after using a terminal of the inaccessible identification to complete service acquisition, buffer memory is cleared automatically.

Description

technical field [0001] The invention belongs to the technical field of network communication, and in particular relates to a method for improving the security of a separate mapping network. Background technique [0002] In the current Internet architecture, the IP address is ambiguous, that is, it represents the identity and location of the terminal in the network at the same time, so the IP address must be globally accessible. Regardless of whether the terminal provides a certain network service or is willing to be actively accessed, as long as the terminal's IP address is known, the packet sent to the IP address can always be sent to the terminal using the IP or at least to the network where the IP is located through the Internet. subnet. An attacker can take advantage of the global reachability of the IP address to send packets to the terminal to perform port scanning or denial-of-service (DoS: Denial-of-service) attacks on the terminal, which greatly threatens network s...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L29/12
Inventor 罗洪斌王凯张宏科秦雅娟苏伟董平周华春
Owner BEIJING JIAOTONG UNIV