A system and method for establishing a secure optical tree in a multi-domain optical network based on distributed PCE
A network security, multi-domain optical technology, applied in the field of multi-domain optical network multicast optical tree establishment system, can solve the problem of not considering the security factors of cross-domain road construction, and achieve the effect of resisting identity forgery attacks
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
Method used
Image
Examples
Embodiment 1
[0100] In this embodiment, a distributed PCE-based multi-domain optical network secure optical tree establishment system is disclosed, which is used to establish a secure optical tree in a distributed PCE multi-domain optical network. The system includes a security service module and a trust management module and a key management module;
[0101] The security service module is used to provide message encryption and decryption, identity authentication, source authentication, privacy protection and digital signature services when the secure light tree is established;
[0102] The trust management module is used to provide trust value calculation services when the secure optical tree is established;
[0103] The key management module is used to complete key generation, distribution and update when the secure optical tree is established;
[0104] The security service module includes a message encryption and decryption unit, an identity authentication unit, a source authentication...
Embodiment 2
[0161] This embodiment provides a distributed PCE-based multi-domain optical network security optical tree establishment method, using the distributed PCE-based multi-domain optical network security optical tree establishment system in the first embodiment, in the distributed PCE Establish a secure optical tree from the source node to the destination node in the multi-domain optical network, wherein the multi-domain optical network includes multiple domains, each domain includes a PCE, and the PCE of the domain where the source node is located is the source domain PCE;
[0162] The method follows the steps below:
[0163] Step 1. The destination node calls the identity authentication unit to authenticate the source node. If the authentication is passed, a multicast tree establishment request is generated; otherwise, the multicast tree establishment fails and the communication is interrupted;
[0164] The source node calls the session key encryption and decryption subunit to en...
Embodiment 3
[0230] In this embodiment, the distributed PCE-based multi-domain optical network security optical tree establishment system and method provided by the present invention are verified, and NS-2 is used for experiments. Based on the optical network simulation system SSANS, the PH-PCE protocol, The HDTD protocol and the related modules of the system and method provided by the present invention simultaneously embed NSBench script generation software and Gnuplot graphics drawing software into NS-2. The network topology designed and generated by NSBench is as follows: Figure 5 As shown, each domain realizes 20 nodes, 29 communication links, wherein the domain number i can be set according to actual needs, HDTD protocol and the network topology of the system and method provided by the present invention need to add pPCE, and pPCE is set to calculate the boundary nodes and The time of the abstract path is 25ms. In the experiment, the average arrival rate of the path request message PC...
PUM
Abstract
Description
Claims
Application Information
- R&D Engineer
- R&D Manager
- IP Professional
- Industry Leading Data Capabilities
- Powerful AI technology
- Patent DNA Extraction
Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.
© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com