Credible connection method and system of software defined network

A technology for software-defined networks and connection methods, applied in the field of trusted connection methods and systems for software-defined networks. It addresses problems such as attacks, impacts on data forwarding and other functions, and platform integrity authentication of the peer device.

Status: Inactive
Publication Date: 2018-11-16
中共中央办公厅电子科技学院

AI Technical Summary

Problems solved by technology

[0003] The inventor found that in the existing software-defined network, the controller at the control layer and the OVS (switch) at the data forwarding layer only perform an interactive handshake of the protocol version when establishing a connection, and do not perform platform integrity authentication of the peer device to be connected. As a result, the controller or OVS (switch) may be attacked by connecting to risky devices.
As the core of SDN, the controller in the control layer has a particularly important security status. Once it is attacked, it will not work normally, and the network may even be paralyzed.
As the executor of data forwarding work, the OVS (switch) may be used by dangerous devices to affect functions such as data forwarding and even cause network paralysis.


Embodiment Construction

[0058] In order to make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the drawings in the embodiments of the present invention. Obviously, the described embodiments are only a part of the embodiments of the present invention, not all of them. The components of the embodiments of the invention generally described and illustrated in the figures herein may be arranged and designed in a variety of different configurations.

[0059] Accordingly, the following detailed description of the embodiments of the invention provided in the accompanying drawings is not intended to limit the scope of the claimed invention, but merely represents selected embodiments of the invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the a...

Abstract

The invention relates to the field of software defined network security, and specifically provides a credible connection method and system for a software defined network. The method comprises the following steps. A controller sends a first authentication request to a switch, and the switch sends first feedback information to the controller based on the first authentication request. The controller authenticates whether the switch is credible based on a first preset PCR value, the first authentication request and the first feedback information, and sends a configuration query request to the switch when the switch is credible. The switch sends a second authentication request to the controller, and the controller sends second feedback information to the switch based on the received second authentication request. The switch authenticates whether the controller is credible based on a second preset PCR value, the second authentication request and the second feedback information, and feeds back configuration information to the controller based on the configuration query request when the controller is credible. With these settings, a credible connection between the switch and the controller is established in the software defined network, avoiding situations in which the network is affected or even paralyzed.
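The exchange described in the abstract, as an added Python example that is not taken from the patent. The page does not give message formats, so these are assumptions: each authentication request is a random nonce, each feedback carries a PCR value plus an HMAC binding it to that nonce (a stand-in for a TPM quote signature), and the boot images, keys and configuration are constructed sample values.

```python
import hashlib, hmac, os

class Platform:
    """One endpoint (controller or switch). HMAC is an assumed stand-in for a TPM quote."""
    def __init__(self, boot_image, attest_key):
        self.key = attest_key
        self.pcr = hashlib.sha256(boot_image).digest()   # constructed measurement value

    def feedback(self, request_nonce):
        """Answer an authentication request: PCR value bound to the request nonce."""
        tag = hmac.new(self.key, request_nonce + self.pcr, hashlib.sha256).digest()
        return {"pcr": self.pcr, "tag": tag}

def is_credible(preset_pcr, peer_key, request_nonce, fb):
    """Verifier: feedback must answer *our* request and match the preset PCR value."""
    expected = hmac.new(peer_key, request_nonce + fb["pcr"], hashlib.sha256).digest()
    return (hmac.compare_digest(expected, fb["tag"])
            and hmac.compare_digest(preset_pcr, fb["pcr"]))

def trusted_connect(controller, switch, preset_switch_pcr, preset_ctrl_pcr, switch_config):
    """Run the two authentication rounds; return (outcome, config or None)."""
    req1 = os.urandom(16)                        # first authentication request
    fb1 = switch.feedback(req1)                  # first feedback information
    if not is_credible(preset_switch_pcr, switch.key, req1, fb1):
        return "switch not credible", None       # no configuration query is sent
    # controller -> switch: configuration query request (sent only after round 1 passes)
    req2 = os.urandom(16)                        # second authentication request
    fb2 = controller.feedback(req2)              # second feedback information
    if not is_credible(preset_ctrl_pcr, controller.key, req2, fb2):
        return "controller not credible", None   # switch withholds its configuration
    return "trusted", switch_config

# Constructed sample data: known-good boot images define the preset PCR values.
CTRL_BOOT, SW_BOOT = b"controller-image-v1", b"ovs-image-v1"
PRESET_CTRL = hashlib.sha256(CTRL_BOOT).digest()
PRESET_SW = hashlib.sha256(SW_BOOT).digest()

def demo():
    ctrl, sw = Platform(CTRL_BOOT, b"ctrl-key"), Platform(SW_BOOT, b"sw-key")
    modified_sw = Platform(b"ovs-image-modified", b"sw-key")   # integrity changed
    cfg = {"datapath_id": "placeholder"}
    return [trusted_connect(ctrl, s, PRESET_SW, PRESET_CTRL, cfg)[0]
            for s in (sw, modified_sw)]

if __name__ == "__main__":
    print(demo())
```

Binding the feedback to the request nonce is what stops a recorded good response from being replayed to a later request; a bare PCR comparison would not detect that.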

Description

Technical field

[0001] The present invention relates to the field of software-defined network security, in particular to a trusted connection method and system for software-defined networks.

Background technique

[0002] The control layer and data forwarding layer of Software Defined Networking (SDN) are separated, and the data forwarding layer is usually managed by the control layer in a unified manner to simplify network management, improve network flexibility, and reduce network adjustment and configuration costs.

[0003] The inventors have found that in the existing software-defined network, the controller at the control layer and the OVS (switch) at the data forwarding layer only perform handshakes of protocol versions when establishing a connection, and do not perform platform integrity authentication on the peer device to be connected, which in turn may cause the controller or OVS (switch) to be attacked by connecting with risky devices. As the ...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, H04L9/32
CPC: H04L9/3247, H04L63/0428, H04L63/08
Inventor: 魏占祯, 李兆斌, 韩妍妍, 刘梦甜, 韩禹, 刘泽一
Owner 中共中央办公厅电子科技学院