Micro-isolation protection method and micro-isolation protection system based on OpenFlow protocol

OpenFlow protocol and micro-isolation group technology, applied in the Internet field, addresses problems such as bandwidth consumed by traffic diversion, added load, and competition for resources, with the effect of avoiding resource consumption, reducing delay, and wasting less bandwidth.

Active Publication Date: 2019-10-25
UNIV OF ELECTRONICS SCI & TECH OF CHINA

AI Technical Summary

Problems solved by technology

[0006] In view of the problems identified above, the purpose of the present invention is to provide a micro-isolation protection method and system based on the OpenFlow protocol, to solve the problem that, in the prior art, access control of east-west traffic in massive virtual machine networks either consumes bandwidth by diverting traffic, or generates load and competes for resources with the user's machines.

Examples


Embodiment Construction

[0048] The present invention will be further described below in conjunction with the accompanying drawings and specific embodiments.

[0049] This method is applicable to the following scenarios:

[0050] 1) Related services are located in the same virtual local area network (scattered across different computing nodes). On the one hand, this prevents service interruption and accommodates live migration of virtual machines; on the other hand, it reduces the attack surface and improves security.

[0051] 2) The operation and maintenance personnel have relevant records of the services run by the server (relevant records refer to the planning done before the virtual machine is deployed: what server is deployed on this virtual machine, what it does, which ports are open, etc.). These records can later be used for the generation of, and decisions on, isolation protection strategies, so that the accuracy of automatic software-generated decisions is improved, and the workload of operation an...


Abstract

The invention discloses a micro-isolation protection method and system based on the OpenFlow protocol, belongs to the technical field of the Internet, and solves the problem that, in the prior art, east-west traffic access control on massive virtual machine networks either consumes bandwidth by diverting traffic, or generates load and competes for resources with clients. The network communication relationships between the virtual machines are obtained from the continuously obtained flow tables. All the virtual machines are divided into a plurality of micro-isolation groups by an improved MCL algorithm based on the network communication relationships. Isolation strategies between the micro-isolation groups, and between the virtual machines within each micro-isolation group, are generated according to each micro-isolation group, the communication ports necessary for the virtual machines to run their services, and the service types predefined for the virtual machines. The invention is used for performing micro-isolation protection on the virtual network constructed by a plurality of VMs in a virtualization environment.
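
The pipeline the abstract describes (flow tables, communication graph, MCL grouping, port-based policy), as an added Python example that is not code from the patent. It uses the standard MCL algorithm, not the patent's improved variant, and the flow records, the declared-port table and the allow rule are constructed assumptions.

```python
# Constructed sample: (src VM, dst VM, dst port, packet count), as might be
# read from OpenFlow flow-entry match fields and counters.
FLOWS = [
    ("10.0.0.1", "10.0.0.2", 3306, 800), ("10.0.0.1", "10.0.0.3", 6379, 800),
    ("10.0.0.2", "10.0.0.3", 6379, 790), ("10.0.0.2", "10.0.0.3", 23, 10),
    ("10.0.0.4", "10.0.0.5", 5432, 800), ("10.0.0.4", "10.0.0.6", 9200, 800),
    ("10.0.0.5", "10.0.0.6", 9200, 800), ("10.0.0.3", "10.0.0.4", 22, 5),
]
# Constructed operator records: ports each VM's declared service needs.
DECLARED = {"10.0.0.2": {3306}, "10.0.0.3": {6379}, "10.0.0.4": {22},
            "10.0.0.5": {5432}, "10.0.0.6": {9200}}

def mcl_groups(flows, inflation=2.0, rounds=30, eps=1e-6):
    """Standard MCL over the VM communication graph; returns {vm: group id}."""
    vms = sorted({v for s, d, _, _ in flows for v in (s, d)})
    idx = {v: i for i, v in enumerate(vms)}
    n = len(vms)
    m = [[0.0] * n for _ in range(n)]
    for s, d, _, pkts in flows:              # undirected, weighted by packets
        m[idx[s]][idx[d]] += pkts
        m[idx[d]][idx[s]] += pkts
    for i in range(n):
        m[i][i] = max(m[i])                  # self-loop, as MCL usually adds
    def normalise(a):                        # make every column sum to 1
        sums = [sum(a[i][j] for i in range(n)) for j in range(n)]
        return [[a[i][j] / sums[j] for j in range(n)] for i in range(n)]
    m = normalise(m)
    for _ in range(rounds):
        m = [[sum(m[i][k] * m[k][j] for k in range(n)) for j in range(n)]
             for i in range(n)]              # expansion: M * M
        m = normalise([[x ** inflation for x in row] for row in m])  # inflation
    parent = list(range(n))                  # union-find over surviving flow
    def find(x):
        while parent[x] != x:
            x = parent[x]
        return x
    for i in range(n):
        for j in range(n):
            if m[i][j] > eps:                # i still attracts flow from j
                parent[find(i)] = find(j)
    return {v: find(idx[v]) for v in vms}

def build_policy(flows, declared):
    """Allow only intra-group flows to a declared port; flag the rest."""
    group = mcl_groups(flows)
    allow, flagged = [], []
    for s, d, port, _ in flows:
        ok = group[s] == group[d] and port in declared.get(d, set())
        (allow if ok else flagged).append((s, d, port))
    return allow, flagged                    # everything outside allow: drop
```

On the constructed data the 5-packet SSH flow between the two groups and the intra-group flow to undeclared port 23 end up in `flagged`, while the six service flows form the allow-list.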

Description

Technical field

[0001] A micro-isolation protection method and system based on the OpenFlow protocol, used for micro-isolation protection of a virtual network constructed by multiple VMs in a virtualized environment, belonging to the technical field of the Internet.

Background technique

[0002] With the development of virtualization technology, more and more enterprises have replaced their original hardware server deployment strategies with data center virtualization solutions. Virtualization technology can turn a physical server into several or even hundreds of virtual hosts isolated from each other, and turn physical resources (such as CPU, memory, disk I/O, etc.) into "resource pools" that can be dynamically managed and are dynamically allocated on demand to multiple logical virtual machines. This improves resource utilization and reduces costs, but also brings some new security issues. For example, there is a lack of security isolation between virtual machines...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/50, G06F21/57, H04L29/06, H04L12/46
CPC: H04L63/02, G06F21/57, G06F21/50, H04L12/4641
Inventor: 张小松, 游艺锋, 牛伟纳, 李子豪, 罗宇恒, 杨淳
Owner: UNIV OF ELECTRONICS SCI & TECH OF CHINA