Endogenous security implementation device and method for forwarding flow table

An endogenous security implementation method for forwarding flow tables, applied in the field of data communication, that addresses the problem of a single algorithm being vulnerable and untrustworthy.

Active Publication Date: 2021-07-06
FENGHUO COMM SCI & TECH CO LTD

AI Technical Summary

Problems solved by technology

[0006] Aiming at the above defects or improvement needs of the prior art, the present invention provides a device and method for implementing endogenous security of forwarding flow tables. Compare and determine the

Examples

Embodiment 1

[0060] In order to solve the technical problem that a single algorithm is vulnerable and untrustworthy, and to realize the endogenous security of network equipment in a better heterogeneous manner, the embodiment of the present invention provides an endogenous security implementation device for forwarding flow tables. As shown in Figure 1, it mainly includes a control unit, a security processing unit and a data plane.

[0061] The control unit calculates the forwarding flow table of the current network device through different executive bodies, each based on a different algorithm, allocates a unified flow identification ID for each forwarding flow table according to the business flow attribute, and sends each forwarding flow table to the security processing unit. The forwarding flow table includes one or more entries containing the flow identification ID, and each service corresponds to one entry in the forwarding flow table.

[0062] The security processing unit det...

Embodiment 2

[0098] In order to solve the technical problem that a single algorithm is vulnerable and untrustworthy, and to realize the endogenous security of the network device in a better heterogeneous manner, the embodiment of the present invention further provides a method for implementing the endogenous security of the forwarding flow table, which can be carried out by the device described in Embodiment 1.

[0099] As shown in Figure 3, the endogenous security implementation method of the forwarding flow table provided by the embodiment of the present invention mainly includes the following steps:

[0100] Step S1: The configuration management module of the control unit selects at least three heterogeneous executive bodies, and configures the flow table generation algorithm, flow table generation method and related QoS constraint parameters for each executive body; different executive bodies are configured with different flow table generation algorithms.

[0101] This step is m...

Embodiment 3

[0113] On the basis of the above-mentioned Embodiment 1, the embodiment of the present invention further introduces the process of "each executive body generates a forwarding flow table" corresponding to step S2. With reference to Figure 4, the process by which each executive body generates the forwarding flow table is as follows:

[0114] Step S201: Each executive body receives the flow table generation algorithm, flow table generation method and related QoS constraint parameters configured by the configuration management module, such as delay and jitter requirements. As introduced in Embodiment 2, the configuration management module pre-configures, for each executive body, the flow table generation algorithm, flow table generation method and related QoS constraint parameters that need to be satisfied, such as reserving 10M bandwidth in advance for a service with a priority of 5; each executive body can directly receive the parameters configured by the configuration ma...

Abstract

The invention discloses an endogenous security implementation device and method for a forwarding flow table. The method comprises the following steps: a control unit separately calculates the forwarding flow table of the current network equipment through different execution bodies based on different algorithms, allocates a uniform flow identifier ID to each forwarding flow table according to a service flow attribute, and transmits each forwarding flow table to a security processing unit after the allocation is completed; the security processing unit detects the security of each execution body by comparing the different forwarding flow tables, and issues the forwarding flow tables generated by the secure execution bodies to a data plane according to the detection result; and after receiving a data packet, the data plane calculates the flow identifier ID according to a key field, searches for the corresponding entry in the received secure forwarding flow tables based on the flow identifier ID, and forwards the data packet. With this method, dynamic heterogeneous redundancy of the forwarding flow table is generated based on different algorithms, the problem that a single algorithm is easily attacked and is untrusted is avoided, and the endogenous security of the network equipment is realized in a better heterogeneous manner.
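The compare-then-issue flow in the abstract can be sketched as follows. This is an added example, not code from the patent: the strict-majority vote, the SHA-256 flow ID, the fail-closed `drop` default and all names (`flow_id`, `arbitrate`, `forward`, `exec_a` and so on) are assumptions, and the executive bodies are assumed to produce identical entries when uncompromised.

```python
import hashlib
from collections import Counter

def flow_id(src, dst, proto, dport):
    """Unified flow ID computed from packet key fields (hash is an assumption)."""
    key = f"{src}|{dst}|{proto}|{dport}".encode()
    return hashlib.sha256(key).hexdigest()[:8]

def arbitrate(tables):
    """Security processing unit: compare {executive: {flow_id: action}} tables.

    Returns (trusted_table, suspects). An entry is issued only when a strict
    majority of executives agree on it; any executive that deviates from a
    majority decision (wrong action, missing or injected entry) is flagged.
    """
    if len(tables) < 3:
        raise ValueError("need at least three heterogeneous executives")
    quorum = len(tables) // 2 + 1
    all_ids = set().union(*(t.keys() for t in tables.values()))
    trusted, suspects = {}, set()
    for fid in sorted(all_ids):
        votes = Counter(t.get(fid) for t in tables.values())
        action, count = votes.most_common(1)[0]
        if count < quorum:
            continue  # no consensus: issue nothing for this flow
        suspects.update(n for n, t in tables.items() if t.get(fid) != action)
        if action is not None:  # majority says the flow exists
            trusted[fid] = action
    return trusted, sorted(suspects)

def forward(trusted, src, dst, proto, dport):
    """Data plane: compute the flow ID from key fields and look up the entry."""
    return trusted.get(flow_id(src, dst, proto, dport), "drop")

# Constructed sample: exec_c redirects one flow and injects an extra entry.
F1 = flow_id("10.0.0.1", "10.0.0.2", "tcp", 443)
F2 = flow_id("10.0.0.1", "10.0.0.3", "udp", 53)
F3 = flow_id("10.0.0.9", "10.0.0.2", "tcp", 22)
SAMPLE_TABLES = {
    "exec_a": {F1: "port1", F2: "port2"},
    "exec_b": {F1: "port1", F2: "port2"},
    "exec_c": {F1: "port1", F2: "port9", F3: "port9"},
}

if __name__ == "__main__":
    table, flagged = arbitrate(SAMPLE_TABLES)
    print(table, flagged)
```
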

Description

Technical field

[0001] The invention belongs to the technical field of data communication, and more specifically relates to a device and method for implementing endogenous security of a forwarding flow table.

Background technique

[0002] With the deep penetration of the Internet into production and life, especially in the Internet of Vehicles, telemedicine, and industrial networks, higher requirements are placed on network security and reliability. However, the current TCP/IP protocol system was designed for a small-scale "acquaintance network" with mutual trust; it neither considers how to establish trusted communication in an environment of untrusted networks and terminals, nor fully considers how to conduct safe and reliable communication in a network with security risks. As a result, the current Internet superimposes partial security functions by continuously adding "security patches", without complete and endogenous security and credibility capab...

Application Information

IPC(8): H04L12/741, H04L29/06, H04L12/851, H04L45/74
CPC: H04L45/54, H04L63/20, H04L47/24
Inventor: 汪学舜, 余少华, 戴锦友, 张紫倩, 赵晓雨
Owner: FENGHUO COMM SCI & TECH CO LTD