Unlock instant, AI-driven research and patent intelligence for your innovation.

Method for providing network differentiated security service based on SDN/NFV

A technology for network security and security services, applied in the field of secure access networks, it can solve the problems of complex maintenance, high network security costs, and long delays, and achieve the effect of improving network performance and reducing service overhead.

Inactive Publication Date: 2020-03-13
NANJING UNIV OF AERONAUTICS & ASTRONAUTICS
View PDF4 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0008] Aiming at the problems that the existing network security mechanism adopts the idea of ​​"patching", the cost of network security is getting higher and higher, the time delay is getting bigger and the maintenance is getting more and more complicated, etc., the present invention proposes a method based on the security needs of network users. Different methods provide differentiated security services, and a method based on SDN / NFV to design and implement a secure access network with differentiated security features

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for providing network differentiated security service based on SDN/NFV
  • Method for providing network differentiated security service based on SDN/NFV
  • Method for providing network differentiated security service based on SDN/NFV

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0035] The application of the present invention will be described in detail below in conjunction with the accompanying drawings and specific examples.

[0036] 1. Build a secure access network

[0037] On the Lenovo ThinkServer RD550 server in the laboratory according to figure 2 A prototype system of secure access network is realized. The server has two Intel Xeon E5-2620 v3 2.40GHz CPUs, 32GB of RAM, and the operating system is Ubuntu 16.04.4, of which the Linux kernel version is 4.4.0-122-generic.

[0038] (1) Components based on virtual middlebox

[0039] We use Linux container (LXC) as a virtual middlebox, and run the corresponding VNF on the middlebox to build the corresponding SDN controller, vOFS, vNSF, virtual router and virtual host, etc. In order to realize the SDN network function, we installed and configured the open source SDN controller ONOS on the LXC middle box, the version is 1.14.0-SNAPSHOT, as a virtual SDN controller; installed and configured Open vSwi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

Based on the fact that various types of network users have different security requirements and security environments, the invention provides a method for providing different security services according to different user security levels and a method for realizing a security access network based on an SDN / NFV design. According to the method for providing the differential network security service, the network security service overhead can be effectively reduced, the network performance is improved, and the method can meet the requirement of network security technology development. In addition, the method for realizing the secure access network based on the SDN / NFV design has a practical value, and has the power of increasing and motivating users to standardize network security behaviors.

Description

technical field [0001] The invention belongs to the field of network security and network communication, and specifically proposes a method for providing differentiated security services to users according to different security levels and a security system with differentiated security features based on SDN / NFV design. method of accessing the network. Background technique [0002] With the popularity of network applications in all walks of life, network attack methods emerge in endlessly. In order to prevent network security threats, the current TCP / IP network architecture adopts the idea of ​​"patching", by continuously adding special devices with different security functions, such as firewalls, intrusion detection systems (IDS / IPS), deep packet inspection ( DPI) and other middle boxes to deal with it. This leads to more and more types and quantities of security middleboxes, and makes the structure of the network more and more complicated, the overhead is higher and higher...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L12/725
CPCH04L45/308H04L63/1416H04L63/205
Inventor 陈鸣邓理吴伟楠朱正一
Owner NANJING UNIV OF AERONAUTICS & ASTRONAUTICS