Composable security network construction method and device for multi-level security services

Abstract

The invention discloses a multi-class safety service combinable safety network construction method and device. The method includes conducting inductive analysis on safety business to obtain the safety business class; searching a safety resource database to obtain the quantity of corresponding network safety resources; searching a network topological graph to obtain candidate node sets meeting the requirement; building a network topological structure according to the connection relation and the construction rule of the candidate node sets; distributing and combining the safety resources according to a node resource distribution and combination function and building a combinable safety network; detecting safety business requirement change, evaluating the surplus condition of the safety resources and marking nodes not meeting the changed resource requirement as key nodes; recombining and reconstructing the safety network containing the key nodes. The method and device can improve supporting flexibility and adaptability of network safety service to the safety application business, effectively and reasonably utilizes the network safety resources to achieve multi-class safety and meets the requirement of the combinable safety network.

Description

technical field [0001] The invention relates to the field of computer network security, in particular to a multi-level security service composable security network construction method and a device thereof. Background technique [0002] At the beginning of its design, TCP / IP did not consider the security threats of an open and untrusted environment, which led to various security problems encountered in its development process. On the other hand, the methods used to solve security problems are all fragmented repairs In this way, different protocols introduce their own security extensions. After a long period of accumulation, the entire system becomes more and more complex, and more new problems need to be solved. The current TCP / IP security architecture is rigid and inefficient, with a single network layer function, excessive separation of business and network, unable to meet diverse security requirements, and there are still serious problems in providing flexible, secure, tru...

AI Technical Summary

Problems solved by technology

[0002] At the beginning of its design, TCP / IP did not consider the security threats of an open and untrusted environment, which led to various security problems encountered in its development process. On the other hand, the methods used to solve security problems are scattered repairs. In this way, different protocols introduce their own security extensions. After a long period of accumulation, the entire system becomes more and more complex, and more new problems need to be solved.

The current TCP / IP security architecture is rigid and inefficient, with a single network layer function, excessive separation of business and network, and inability to meet diverse security requirements. There are still serious problems in providing flexible, secure, trustworthy and manageable services and scalability. defect

Images