User-driven centralized access control method for SDN (Software Defined Network)

An access control and access control list technology, applied to electrical components, transmission systems, etc., can solve the problems of unable to manage flow tables in time and increase forwarding delay, so as to improve forwarding efficiency, reduce forwarding delay, and save flow table space Effect

Active Publication Date: 2015-09-09
DALIAN UNIV OF TECH
View PDF4 Cites 40 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] In order to overcome the shortcomings of the existing access control methods in the SDN network, which increase the forwarding delay and cannot manage the flow table in the forwarding plane in time, a user-driven centralized access control method for the SDN network is provided to realize the filtering of data packets in the SDN network Function

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • User-driven centralized access control method for SDN (Software Defined Network)
  • User-driven centralized access control method for SDN (Software Defined Network)
  • User-driven centralized access control method for SDN (Software Defined Network)

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0019] Further description will be given below in conjunction with the accompanying drawings and embodiments.

[0020] Such as figure 1 As shown, a user-driven centralized access control method for SDN networks can be implemented as a system module in the SDN controller, which consists of three functional modules: REST API, abstract network view management, and access control rule management. Among them, the REST API provides users with a friendly and centralized management interface for users to add, delete and query access control rules; the abstract network view management module is divided into two sub-modules, the abstract network view update and the abstract network view query, the former is responsible for Simplify the global network view into an abstract network view, and update the abstract network view in time by listening to host update events in the network. The latter is responsible for providing a global interface for other functional modules to query the abstrac...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a user-driven centralized access control method for an SDN (Software Defined Network), which belongs to the technical field of computer applications. The method is characterized by comprising the following steps of providing a friendly and centralized management interface for a user by utilizing an REST API (Representational State Transfer Application Programming Interface); simplifying a global network view to an abstract network view; carrying out matching detection on a newly added access control list rule requested by a user; implementing access control based on the abstract network view in an active manner according to the user request; and dynamically responding to a network view updating event to update a flow table timely. According to the method, the centralized interface is provided for the user to simplify the network management; the access control is implemented in an active manner, so that the data packet forwarding delay is reduced; through carrying out the matching detection, a space of the flow table is saved; and furthermore, through dynamically responding to the network view updating event, the correctness of a high-level decision is guaranteed.

Description

technical field [0001] The invention relates to a user-driven SDN network centralized access control method, which belongs to the technical field of computer applications. Background technique [0002] Due to the continuous emergence of network services and the rapid expansion of network scale, the traditional network architecture has exposed serious problems. The root cause is the tight coupling of control logic and forwarding logic and the distributed network device control method. SDN network is an emerging network architecture, which overcomes the shortcomings of traditional networks by separating control logic and forwarding logic, and has been widely recognized by academia and industry. [0003] As a network security mechanism, access control provides the function of filtering data packets by applying a series of access control rules to data packets entering and leaving the network. In a traditional network, access control is implemented by configuring the access cont...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/101
Inventor 李克秋卢鹏飞齐恒喻海生
Owner DALIAN UNIV OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap