
SDN information access control method based on authenticated hierarchical attribute encryption

An attribute encryption and information access technology, applied in the field of network information security. It addresses the theft of sensitive network information, limits on SDN scalability, and obstacles to application; its effects are improved scalability, improved security and efficiency, and reduced overhead.

Active Publication Date: 2019-03-01
NANJING COLLEGE OF INFORMATION TECH

AI Technical Summary

Problems solved by technology

Although SDN has many advantages, its information security issues hinder its further application. Many solutions struggle to strike a balance between security, effectiveness and usability, and some even limit the inherent advantages of SDN such as scalability.
One of the most serious problems is that the SDN control layer facilitates remote control, which leaves the sensitive network information managed by the control layer extremely vulnerable to remote control and therefore to theft by attackers.
However, the existing solutions are not enough to realize flexible, efficient and accurate information security management of SDN, so it is particularly important to deploy a safe, flexible and efficient information security management mechanism.

Embodiment Construction

[0070] The present invention will be described in detail below in conjunction with the accompanying drawings and examples.

[0071] See Figure 1. The method system of the present invention is distributed across the data layer, control layer and management layer of SDN, and includes a control system composed of four roles: attribute authority, SDN controller, encryption component and decryption component, wherein the attribute authority includes a root attribute authority and local attribute authorities. When the method of the invention is started, the root attribute authority first executes the initialization operation and transmits parameters to the encryption component of the data layer and the decryption component of the management layer. Second, starting from the root attribute authority, the authorization operation is carried out iteratively, layer by layer, including local attribute authority authorization and user authorization. Then the encryption component located in the data lay...


Abstract

An SDN information access control method based on authenticated hierarchical attribute encryption is built on a control system consisting of attribute authorities, SDN controllers, a cryptographic component and a decryption component. The root attribute authority among the attribute authorities is responsible for the registration of the global attributes and the release of a public key; a local attribute authority is responsible for publishing a private key associated with a certain type of attribute; the SDN controllers are responsible for collecting, storing, and managing important information including SDN flow tables, routes, and data volumes, and for interacting with SDN controllers of other domains; the cryptographic component is responsible for delivering the collected user or other network device data to the SDN control layer and encrypting the data; and the decryption component is responsible for obtaining useful data for different network applications. The decryption component uses different attribute sets to describe the identities of different network applications and holds a private key corresponding to its set of attributes; correct information can be obtained only when the set of attributes embedded in the private key satisfies the access policy.

Description

Technical field

[0001] The invention relates to secure access control of SDN information, in particular to an SDN information access control method based on authentication hierarchical attribute encryption, which belongs to the field of network information security.

Background technique

[0002] Software defined network (SDN for short) is an excellent network architecture, which logically separates the control layer and data layer of the network, thereby reducing the hardware cost and management cost of network construction. On this basis, administrators or developers can conveniently perform centralized debugging on devices from different manufacturers. Although it has many advantages, SDN information security issues hinder its further application. Many solutions are difficult to strike a balance between security, effectiveness, and usability, and even limit the inherent advantages of SDN such as scalability. One of the most serious problems is that because the SDN control...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L9/30, H04L9/08, H04L29/06
CPC: H04L9/0866, H04L9/0869, H04L9/302, H04L9/3073, H04L63/0442, H04L63/0876, H04L63/102, H04L63/105, H04L9/0836
Inventor: 顾振飞, 袁小燕, 周波, 聂佰玲, 张帅华, 姜浩东
Owner NANJING COLLEGE OF INFORMATION TECH