A systematic software-defined data center network security method

Data center network and software-defined networking technology, applied in transmission systems, electrical components, etc., to protect confidentiality and prevent illegal operations such as reading, interception and tampering by malicious personnel.

Active Publication Date: 2019-05-28
NO 30 INST OF CHINA ELECTRONIC TECH GRP CORP

AI Technical Summary

Problems solved by technology

There is currently no security method that is compatible with the characteristics of software-defined data center networks


Embodiment Construction

[0022] A systematic software-defined data center network security method includes the following aspects:

[0023] 1. The key management center is integrated with the SDN controller.

[0024] Step 1.1: Delineate a dedicated storage area in the data storage area of the SDN controller;

[0025] Step 1.2: Encrypt the stored keys with a symmetric encryption method in the dedicated storage area;

[0026] Step 1.3: Delineate a dedicated processing unit in the central processing unit of the SDN controller;

[0027] Step 1.4: Use this dedicated processing unit to handle key management exclusively.

[0028] Integrating the key management center with the SDN controller simplifies the key management scheme of the software-defined data center network, makes key management efficient, and protects the confidentiality of the network database maintained inside the SDN controller.
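Step 1.2 as an added example (not code from the patent or its owner): keys are held in the store only in encrypted form, and each record is bound to the switch it belongs to, so a record copied to another entry or modified at rest is rejected on read. The patent says only "a symmetric encryption method"; AES-256-GCM, the key-encryption key (KEK), the `KeyStore` type, the in-memory map standing in for the dedicated storage area, and the `sw-1` identifier are assumptions of this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// KeyStore models the dedicated storage area (step 1.1); it holds wrapped keys only.
type KeyStore struct {
	aead    cipher.AEAD       // AES-256-GCM under the KEK (assumption of this example)
	wrapped map[string][]byte // switch ID -> nonce || ciphertext || tag
}

func NewKeyStore(kek []byte) (*KeyStore, error) {
	block, err := aes.NewCipher(kek) // a 32-byte KEK selects AES-256
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block) // cannot fail for a 16-byte block cipher
	return &KeyStore{aead: aead, wrapped: map[string][]byte{}}, err
}

// Put encrypts key under the KEK (step 1.2), binding the switch ID as associated data.
func (s *KeyStore) Put(switchID string, key []byte) error {
	nonce := make([]byte, s.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return err
	}
	s.wrapped[switchID] = s.aead.Seal(nonce, nonce, key, []byte(switchID))
	return nil
}

// Get authenticates and decrypts the record; a record copied to another ID fails here.
func (s *KeyStore) Get(switchID string) ([]byte, error) {
	n := s.aead.NonceSize()
	rec := s.wrapped[switchID]
	if len(rec) < n {
		return nil, fmt.Errorf("no usable record for %q", switchID)
	}
	return s.aead.Open(nil, rec[:n], rec[n:], []byte(switchID))
}

func main() {
	ks, _ := NewKeyStore(make([]byte, 32)) // constructed all-zero KEK, demo only
	_ = ks.Put("sw-1", []byte("constructed-session-key"))
	k, err := ks.Get("sw-1")
	fmt.Printf("%s %v\n", k, err)
}
```

The KEK itself has to live outside the store it protects; where it is kept is not covered by the steps above.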

[0029] 2. The key distribution process is integrated with the interaction pro...


Abstract

The invention discloses a systematic software-defined data center network security method which comprises: integration of a secret key management center and SDN (Software-Defined Networking) controllers; fusion of a secret key distribution process and an integration process between the SDN controllers and SDN switches; two-layer encryption between different layers of SDN switches; SDN south bound interface channel encryption between the SDN switches and the SDN controllers; encryption between the SDN controllers; and encryption between the SDN controllers and a management terminal. Compared with the prior art, the systematic software-defined data center network security method disclosed by the invention is related to a plurality of levels and a plurality of links, and can meet systematic software-defined data center network security requirements of protecting confidentiality of interactive data between the management terminal and the SDN controllers, protecting confidentiality of interactive data between the SDN controllers, protecting confidentiality of network databases maintained inside the SDN controllers, protecting confidentiality of channels between the SDN controllers and the SDN switches, protecting confidentiality of data interaction between virtual machines and protecting confidentiality of migration channels of the virtual machines.

Description

Technical field

[0001] The invention relates to a systematic software-defined data center network security method.

Background technique

[0002] Software-Defined Networking (SDN) technology is still in the early stages of development, and there are already data centers designed based on SDN technology. The software-defined data center network architecture is divided into seven layers from top to bottom: application layer, resource coordination layer, network controller, physical forwarding layer, virtual forwarding layer and computing / storage layer. The application layer includes various applications such as network management. The resource coordination layer includes collaborative optimization of computing, storage, and network resource allocation. The network controller mainly includes SDN controllers that control network devices. The physical forwarding layer mainly includes SDN network switches, and the virtual forwarding layer mainly includes SDN virtual forwarding devices ex...


Application Information

Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPC H04L63/0435, H04L63/062, H04L63/1441, H04L63/20
Inventor 牛长喜
Owner NO 30 INST OF CHINA ELECTRONIC TECH GRP CORP