Unlock instant, AI-driven research and patent intelligence for your innovation.

A cloud security function scheduling system based on SDN

A technology for security functions and scheduling systems, applied in the network field

Active Publication Date: 2019-06-28
SUN YAT SEN UNIV
View PDF5 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] In order to solve the problems that existing technologies still have many deficiencies in network attacks of different types and scales, the present invention provides an SDN-based cloud security function scheduling system

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A cloud security function scheduling system based on SDN
  • A cloud security function scheduling system based on SDN

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0024] Such as figure 1 As shown, the system includes a cloud security virtual orchestration module, a cloud security virtual function module, a cloud security virtual load module, a cloud security implementation module, and a virtual resource server module. The cloud security virtual orchestration module is used to implement the definition of security orchestration, and the cloud security virtual function module is called to complete the overall operation of the security orchestration;

[0025] The cloud security virtual function module is used to establish a security configuration server and call the cloud security virtual load module to complete the automatic configuration and deployment of a single security function;

[0026] The cloud security virtual load module is used to define different types of virtual security loads and realize automatic deployment;

[0027] The cloud security implementation module is responsible for receiving and processing the deployment command for the ...

Embodiment 2

[0030] Such as figure 2 As shown, the present invention is based on the SDN architecture. The SDN controller communicates with SDN switches at all levels through the openflow protocol. The main part of the cloud security function scheduling system can be deployed on any physical host or even a virtual machine connected to the network, including cloud security virtual orchestration module, cloud security virtual function module, cloud security virtual load module and cloud security implementation module; virtual resources The server module is installed inside each host and forms a logical connection with the main system through RPC. The main part of the system interacts with the controller by calling REST API.

[0031] Cloud security shields users from the physical characteristics of a specific network platform to provide a basis for unified and standardized security function scheduling. The module design is divided into three virtualization levels: orchestration layer, functi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an SDN-based cloud security function scheduling system. The system comprises a cloud security virtual arrangement module, a cloud security virtual function module, a cloud security virtual load module, a cloud security realization module and a virtual resource server module. The system defines a virtualization process from deployment of a single security function to a wholeset of security arrangement based on computing resource virtualization and network virtualization in a cloud environment, and establishes a foundation for a user to realize unified security functionscheduling in different network environments. The system utilizes SDN architecture control and data separation at the level of realization, and therefore the system has the advantages of being simple,flexible, easy to expand and the like.

Description

Technical field [0001] The present invention relates to the field of network technology, and more specifically, to an SDN-based cloud security function scheduling system. Background technique [0002] As an important cornerstone of the big data era, cloud data centers have developed rapidly in recent years, carrying more and more personal, corporate, and government data services. In the cloud environment, the emergence of various new applications and protocols, dynamic topologies and rapidly expanding network scales pose huge challenges for the deployment of network security functions. However, the existing technology still has many shortcomings in the face of network attacks of different types and scales in a complex and changeable cloud network environment. Summary of the invention [0003] In order to solve the problem that the prior art cannot have many deficiencies when network attacks of different types and scales are not available, the present invention provides a cloud se...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F9/455H04L29/08
Inventor 余顺争曾旺
Owner SUN YAT SEN UNIV