Supercharge Your Innovation With Domain-Expert AI Agents!

A dynamic orchestration method of security service chain based on mpls encapsulation

A security service and dynamic technology, applied in the field of network security, can solve problems such as the lack of network and security function service chain dynamic arrangement method, and achieve the effect of rapid application

Active Publication Date: 2021-10-22
NO 54 INST OF CHINA ELECTRONICS SCI & TECH GRP
View PDF13 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, there is still a lack of dynamic orchestration methods for network and security function service chains in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A dynamic orchestration method of security service chain based on mpls encapsulation
  • A dynamic orchestration method of security service chain based on mpls encapsulation
  • A dynamic orchestration method of security service chain based on mpls encapsulation

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0025] Below, the technical solution of the present invention will be further described in conjunction with the accompanying drawings.

[0026] figure 1 Shown is a schematic diagram of a service chain in the prior art. In this service chain, a traffic from A to B can be forced to pass through an intermediate firewall, or not to pass through the firewall.

[0027] According to the definition of RFC7665, a service chain is mainly composed of five elements: classifier, service function, service function forwarder (Service Function Forwarder, SFF), service function path (Service Function Path, SFP) and SFC package (SFC Encapsulation). in:

[0028] (1) classifier: classify traffic according to different user policies, network policies or business policies, bind the traffic to a certain service chain at the entrance (that is, add SFC encapsulation), and redirect it to the corresponding service function chain, the service At the exit of the chain, the traffic is unbound from the s...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides an MPLS encapsulation-based security service chain dynamic arrangement method, which relates to the technical field of network security. On the basis of MPLS multi-protocol label exchange, the invention redefines its head, and proposes a method for generating a traffic classification table and a traction flow table, so as to realize the dynamic arrangement of network and security function service chains. The present invention uses MPLS as the SFC encapsulation protocol, which can realize the multiplexing of the same security function module in different security service chains, and at the same time, does not need to expand the Openflow protocol and modify the function of the current SDN switch, so it can be quickly applied in practice.

Description

technical field [0001] The method relates to the technical field of network security, in particular to an MPLS encapsulation-based security service chain dynamic orchestration method. Background technique [0002] In the process of network communication, various service functions (Service Function, SF) are included, including traditional security functions such as FW, IDS, NAT, etc., as well as specific application service functions such as video and Web applications. Combining these network services and security functions in an orderly manner, and allowing traffic to flow through these service functions in sequence constitutes a service function chain. The purpose of SFC is to dynamically establish a service chain so that different flows can be directed to different service function modules in different orders. Its concept is similar to policy routing, that is, SFC enables network packet traffic to follow a specific path, instead of viewing the final destination of the rou...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L12/721H04L12/723H04L12/931H04L12/935H04L45/50H04L49/111
CPCH04L49/70H04L49/3009H04L45/50H04L45/38
Inventor 朱晓明贾哲李吉良张林杰刘蓓曹丽惠焦利彬
Owner NO 54 INST OF CHINA ELECTRONICS SCI & TECH GRP
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com