Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method for realizing network access control based on CPU + FPGA + search engine platform

A network access control and search engine technology, which is applied in the field of network access control based on CPU+FPGA+search engine platform, can solve the problems of not meeting access control requirements, not meeting high-speed forwarding, and poor customizability of network layer protocols.

Active Publication Date: 2020-10-27
NO 30 INST OF CHINA ELECTRONIC TECH GRP CORP
View PDF8 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0010] Manufacturers in the industry generally use the switching chip + FPGA platform solution to realize the access control of high-speed network equipment with customizable protocols. Layer protocols are poorly customizable and only support a few public protocols, which cannot meet the access control requirements for the entire protocol stack of customizable protocols
In addition, some manufacturers in the industry use CPUs to implement access control for the entire protocol stack of customizable protocols, but this is only implemented on low-speed network devices, which cannot meet the requirements of high-speed forwarding

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for realizing network access control based on CPU + FPGA + search engine platform
  • Method for realizing network access control based on CPU + FPGA + search engine platform
  • Method for realizing network access control based on CPU + FPGA + search engine platform

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0042] In order to have a clearer understanding of the technical features, purposes and effects of the present invention, specific implementations of the present invention are now described. It should be understood that the specific embodiments described here are only used to explain the present invention, and are not intended to limit the present invention, that is, the described embodiments are only some of the embodiments of the present invention, but not all of the embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without making creative efforts belong to the protection scope of the present invention.

[0043] This embodiment provides a method for realizing network access control based on a CPU+FPGA+search engine platform. The CPU formulates an access control table according to the customizable protocol stack access control requirements, and then sends the access control table to the search engine thro...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to the field of communication security, and discloses a method for realizing network access control based on a CPU + FPGA + search engine platform, which comprises the followingsteps that: a CPU formulates an access control table according to a customizable protocol stack access control requirement, and then issues the access control table to a search engine through an FPGA;when the network equipment carries out high-speed data hard forwarding through the FPGA, the FPGA extracts data flow characteristics, carries out quick search through the search engine, and matches an access control action of the data flow; and the FPGA performs forwarding processing on the data according to the access control action of the data flow. According to the method, a high-speed networkfull-protocol stack access control requirement with a customizable protocol is used, and a CPU + FPGA + search engine platform is adopted to realize flexible and configurable high-speed network equipment full protocol stack access control of customizable protocols; the method solves the problem of difficulty in realizing high-speed network access control with a customizable protocol, and has a very high application value in a secret communication network scene with high reliability, high autonomy requirements and a customizable protocol.

Description

technical field [0001] The invention relates to the technical field of communication security, in particular to a method for realizing network access control based on a CPU+FPGA+search engine platform. Background technique [0002] Access control is a technology required by all network systems. It is a technology that restricts users' access to certain information items or the use of certain control functions according to the user's identity and a defined group to which they belong. Access control features include: [0003] 1) Prevent illegal users from entering protected network resources; [0004] 2) Allow legitimate users to access protected network resources; [0005] 3) Prevent legitimate users from unauthorized access to protected network resources. [0006] At present, the industry's technical solutions for IP network access control are very mature, but there are very few implementations of access control for high-speed networks where the network layer protocol is ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/101H04L63/164H04L63/20
Inventor 刘亮吴捷李鉴王文胜杨宏
Owner NO 30 INST OF CHINA ELECTRONIC TECH GRP CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com