Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Network encryption method and system based on southbound interface, medium and equipment

A technology of southbound interface and encryption method, which is applied in the field of SDN, can solve the problem that there is no effective solution for network service encryption of the controller, and achieve the effect of improving security

Active Publication Date: 2020-03-24
NO 30 INST OF CHINA ELECTRONIC TECH GRP CORP
View PDF7 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] This application provides a network encryption method, system, medium and equipment based on the southbound interface to solve the technical problem that there is no effective solution for the controller to implement network service encryption in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network encryption method and system based on southbound interface, medium and equipment
  • Network encryption method and system based on southbound interface, medium and equipment
  • Network encryption method and system based on southbound interface, medium and equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0028] Example 1: Please refer to figure 1 ,

[0029] A southbound interface-based network encryption method includes:

[0030] Step 1: The SD-WAN controller reports the message according to the service quality status information, queries the encryption list, obtains the encryption policy, and forms an encryption policy message;

[0031] Step 2: The SD-WAN controller sends an encryption policy message through the southbound interface;

[0032] Step 3: The SDN switch encrypts and forwards the specified message according to the encryption policy message.

Embodiment 2

[0033] Embodiment two: if Figure 5 As shown, on the basis of Embodiment 1, the SD-WAN controller reports the message according to the service quality state information, queries the encryption list (wherein the encryption list is shown in Table 1), obtains the encryption policy, and forms an encryption policy message specifically indicating is:

[0034] According to the total bandwidth Total-band and the remaining bandwidth left-band, a service quality status information reporting message is formed;

[0035] Query the encryption list according to the total-band control word and left-band control word in the service quality status information report message, and obtain the encryption strategy including the Encry_alga control word, Encry_mode control word, key_index control word and flow_id control word; service quality status information The format of the report message is: version+type+length+xid+flags1+Total-band+left-band; flags1 is a flag bit, indicating the status informa...

Embodiment 3

[0055] Embodiment three, on the basis of embodiment one or 2, as Figure 5 As shown, the specific format of the message of the encryption policy:

[0056] version+type+length+xid+flags2+Encry_alga+Encry_mode+key_index+flow_id; among them, version represents the version number; type represents the openflow message type; length represents the message length; xid represents the processing id associated with the message; flags2 represents The number of the policy indicates whether to add an encryption policy or delete an encryption policy; Encry_alga indicates the specific encryption algorithm; key_index indicates the key index, flow_id indicates the characteristic information of the message to be encrypted; Encry_mode indicates the encryption mode.

[0057] For example, the value of the type field is 81, indicating that this is an encryption policy sent by the controller to the switch.

[0058] Of course, the above-mentioned message format can be further extended on the above-me...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to the technical field of SDN, in particular to a network encryption method and system based on a southbound interface, a medium and equipment. The technical problem that an effective solution for realizing network service encryption for a controller does not exist in the prior art is solved. The method comprises: an SD-WAN controller reporting a message according to servicequality state information and querying an encryption list to obtain an encryption strategy; the SD-WAN controller issuing an encryption strategy through a southbound interface; and the SDN switch encrypting and forwarding the specified message according to the encryption strategy.

Description

technical field [0001] The present application relates to the technical field of SDN, and in particular, relates to a southbound interface-based network encryption method, system, medium and equipment. Background technique [0002] SDN technology migrates the control plane of the switching device to a centralized controller, and replaces the control plane in the switching device with a standardized southbound interface. The network control technology of the controller mainly includes link discovery through the southbound interface protocol, Topology management, policy formulation, table item distribution, etc. However, the following two issues are not considered: [0003] (1) According to different network operating states and data security levels, the sdn network does not have a corresponding dynamic encryption mechanism. [0004] (2) When the SDN network needs to be encrypted, the southbound interface of the controller does not have a relevant distribution mechanism. Cu...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
CPCH04L63/045
Inventor 纪晓宇陈松张斌李鉴王宏
Owner NO 30 INST OF CHINA ELECTRONIC TECH GRP CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com