Network encryption method, system, medium and equipment based on southbound interface

A technology of southbound interface and encryption method, which is applied in the field of SDN and can solve the problem of no effective solution for network service encryption without a controller.

Active Publication Date: 2022-03-22
NO 30 INST OF CHINA ELECTRONIC TECH GRP CORP
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] This application provides a network encryption method, system, medium and equipment based on the southbound interface to solve the technical problem that there is no effective solution for the controller to implement network service encryption in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network encryption method, system, medium and equipment based on southbound interface
  • Network encryption method, system, medium and equipment based on southbound interface
  • Network encryption method, system, medium and equipment based on southbound interface

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0028] Example 1: Please refer to figure 1 ,

[0029] A southbound interface-based network encryption method includes:

[0030] Step 1: The SD-WAN controller reports the message according to the service quality status information, queries the encryption list, obtains the encryption policy, and forms an encryption policy message;

[0031] Step 2: The SD-WAN controller sends an encryption policy message through the southbound interface;

[0032] Step 3: The SDN switch encrypts and forwards the specified message according to the encryption policy message.

Embodiment 2

[0033] Embodiment two: if Figure 5 As shown, on the basis of Embodiment 1, the SD-WAN controller reports the message according to the service quality status information, queries the encryption list (wherein the encryption list is shown in Table 1), obtains the encryption policy, and forms an encryption policy message specifically indicating is:

[0034] According to the total bandwidth Total-band and the remaining bandwidth left-band, a service quality status information reporting message is formed;

[0035] Query the encryption list according to the total-band control word and left-band control word in the service quality status information report message, and obtain the encryption strategy including the Encry_alga control word, Encry_mode control word, key_index control word and flow_id control word; the service quality status information The format of the report message is: version+type+length+xid+flags1+Total-band+left-band; flags1 is a flag bit, indicating the status in...

Embodiment 3

[0055] Embodiment three, on the basis of embodiment one or 2, such as Figure 5 As shown, the specific format of the message of the encryption policy:

[0056] version+type+length+xid+flags2+Encry_alga+Encry_mode+key_index+flow_id; among them, version indicates the version number; type indicates the type of openflow message; length indicates the length of the message; xid indicates the processing id associated with the message; flags2 indicates The number of the policy indicates whether this policy is to add an encryption policy or delete an encryption policy; Encry_alga indicates the specific encryption algorithm; key_index indicates the key index, flow_id indicates the characteristic information of the message to be encrypted; Encry_mode indicates the encryption mode.

[0057] For example: the value of the type field is 81, indicating that this is an encryption policy sent by the controller to the switch.

[0058] Of course, the above message format can also be further expa...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The present application relates to the technical field of SDN, and in particular, relates to a southbound interface-based network encryption method, system, medium and equipment. In order to solve the technical problem that the prior art does not have an effective solution for the controller to implement network service encryption. In this application, the SD-WAN controller reports the message according to the service quality status information, queries the encryption list, and obtains the encryption policy; the SD-WAN controller issues the encryption policy through the southbound interface; Encrypt and forward.

Description

technical field [0001] The present application relates to the technical field of SDN, and in particular, relates to a southbound interface-based network encryption method, system, medium and equipment. Background technique [0002] SDN technology migrates the control plane of the switching device to a centralized controller, and replaces the control plane in the switching device with a standardized southbound interface. The network control technology of the controller mainly includes link discovery through the southbound interface protocol, Topology management, policy formulation, table item distribution, etc. However, the following two issues are not considered: [0003] (1) According to different network operating states and data security levels, the sdn network does not have a corresponding dynamic encryption mechanism. [0004] (2) When the SDN network needs to be encrypted, the southbound interface of the controller does not have a relevant distribution mechanism. Cu...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/40
CPCH04L63/045
Inventor 纪晓宇陈松张斌李鉴王宏
Owner NO 30 INST OF CHINA ELECTRONIC TECH GRP CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap