《计算机应用研究》|Application Research of Computers

软件定义天地一体化网络接入认证架构与方法

One access authentication architecture and method for software defined space-ground integration network

免费全文下载 (已被下载 次)  
获取PDF全文
作者 胡志言,杜学绘,曹利峰
机构 1.信息工程大学,郑州 450001;2.数学工程与先进计算国家重点实验室,郑州 450001
统计 摘要被查看 次,已被下载
文章编号 1001-3695(2019)03-045-0873-05
DOI 10.19734/j.issn.1001-3695.2017.09.0944
摘要 天地一体化网络因结构复杂存在网络异构动态、间歇连通、节点高度暴露等特性。为了保证安全,需要研究专有的接入认证架构与方法。利用软件定义网络控制面与数据面分离的思想将其与天地一体化信息网络相结合提出一种新的接入认证架构,对认证架构与过程进行详细描述,可以实现对网络的安全防护与资源的优化控制;根据架构特点,提出七个影响接入点决策的属性,给出各个属性的计算公式,将层次分析法与逼近理想解的排序方法相结合提出一种接入点决策算法。实验仿真结果表明,接入点决策准确,可以实现资源的合理利用。
关键词 天地一体化网络;软件定义网络;接入认证架构;决策属性;决策算法
基金项目 国家重点研发计划资助项目(2016YFB0501901)
国家“863”计划资助项目(2015AA016006)
国家自然科学基金资助项目(61502531,61702550)
本文URL http://www.arocmag.com/article/01-2019-03-045.html
英文标题 One access authentication architecture and method for software defined space-ground integration network
作者英文名 Hu Zhiyan, Du Xuehui, Cao Lifeng
机构英文名 1.InformationEngineeringUniversity,Zhengzhou450001,China;2.StateKeyLaboratoryofMathematicalEngineering&AdvancedComputing,Zhengzhou450001,China
英文摘要 Due to the complex structure of space-ground integration network, it has characteristics of heterogeneous, dynamic, intermittent connectivity and high exposure, it is necessary to study the special access authentication architecture and method in order to ensure security.The software defined network(SDN) adopted the idea of separating control surface from data surface, so this paper proposed a new access authentication architecture which combined SDN and space-ground integration network to realize flexibility.It consisted of detailed description of the authentication architecture and process, and it could realize security protection and resources optimization control.Then according to the characteristics of the architecture, this paper put forward 7 attributes of influencing access point decision, and presented the calculating formula of each attribute.In addition, it proposed an access point decision algorithm based on analytic hierarchy process and technique for order preference by similarity to an ideal solution.Simulation experiments show that the algorithm can select the best access point and it can achieve reasonable utilization of resources.
英文关键词 space-ground integration network; software defined network(SDN); access authentication architecture; decision attribute; decision algorithm
参考文献 查看稿件参考文献
  [1] 李凤华, 殷丽华, 吴巍, 等. 天地一体化信息网络安全保障技术研究进展及发展趋势[J] . 通信学报, 2016, 37(11):156-168. (Li Fenghua, Yin Lihua, Wu Wei, et al. Research status and development trends of security assurance for space-ground integration information network[J] . Journal on Communications, 2016, 37(11):156-168. )
[2] 王春锋. 软件定义可重构卫星网络系统研究[J] . 中国电子科学研究院学报, 2015, 10(5):455-459. (Wang Chunfeng. Research of software-defined reconfigurable satellite network system[J] . Journal of China Academy of Electronics and Information Technology, 2015, 10(5):455-459. )
[3] 陈晨, 谢珊珊, 张潇潇, 等. 聚合SDN控制的新一代空天地一体化网络架构[J] . 中国电子科学研究院学报, 2015, 10(5):450-454. (Chen Chen, Xie Shanshan, Zhang Xiaoxiao, et al. A new space and terrestrial integrated network architecture aggregated SDN[J] . Journal of China Academy of Electronics and Information Technology, 2015, 10(5):450-454. )
[4] Iqbal H, Ma J, Stranc K, et al. A software-defined networking architecture for aerial network optimization[C] //Proc of IEEE NetSoft Conference and Workshops. Piscataway, NJ:IEEE Press, 2016:151-155.
[5] 李婷, 胡建平, 徐会忠. 天基信息网络的软件定义网络应用探析[J] . 电讯技术, 2016, 56(3):259-266. (Li Ting, Hu Jianping, Xu Huizhong. Application discussion of software defined network in space-based information network[J] . Telecommunication Engineering, 2016, 56(3):259-266. )
[6] 吴曼青, 吴巍, 周彬, 等. 天地一体化信息网络总体架构设想[J] . 卫星与网络, 2016(3):30-36. (Wu Manqing, Wu Wei, Zhou Bin, et al. Overall framework idea for space-ground integration information network[J] . Satellite & Network, 2016(3):30-36. )
[7] Stanford University. Clean slate program[EB/OL] . (2017-05-25)[2017-10-09] . https://en. wikipedia. org/wiki/Clean_Slate_Program.
[8] McKeown N. Software-defined networking[C] //Proc of INFOCOM Keynote Talk. 2009:30-32.
[9] 王蒙蒙, 刘建伟, 陈杰, 等. 软件定义网络:安全模型、机制及研究进展[J] . 软件学报, 2016, 27(4):969-992. (Wang Mengmeng, Liu Jianwei, Chen Jie, et al. Software defined networking:security model, threats and mechanism[J] . Journal of Software, 2016, 27(4):969-992. )
[10] Wang Kun, Wang Yihui, Zeng Deze, et al. An SDN-based architecture for next-generation wireless networks[J] . IEEE Wireless Communications, 2017, 24(1):25-31.
[11] Costa-Perez X, Garcia-Saavedra A, Li Xi, et al. 5G-crosshaul:an SDN/NFV integrated fronthaul/backhaul transport network architecture[J] . IEEE Wireless Communications, 2017, 24(1):38-45.
[12] Rahman M M, Despins C, Affes S. Design optimization of wireless access virtualization based on cost & QoS trade-off utility maximization[J] . IEEE Trans on Wireless Communications, 2016, 15(9):6146-6162.
[13] Callegati F, Cerroni W, Contoli C, et al. SDN for dynamic NFV deployment[J] . IEEE Communications Magazine, 2016, 54(10):89-95.
[14] Adami D, Martini B, Sgambelliri A, et al. An SDN orchestrator for cloud data center:system design and experimental evaluation[J] . Transactions on Emerging Telecommunications Technologies, 2017, 28(11):e3172.
[15] 岳超源. 决策理论与方法[M] . 北京:科学出版社, 2003. (Yue Chaoyuan. Decision theory and method[M] . Beijing:Science Press, 2003. )
[16] 闫冲冲, 郝永生. 基于层次分析法(AHP)的空中目标威胁度估计[J] . 计算技术与自动化, 2011, 30(2):118-121. (Yan Chongchong, Hao Yongsheng. Threat assessment of aerial target based on AHP[J] . Computing Technology and Automation, 2011, 30(2):118-121. )
收稿日期 2017/9/7
修回日期 2017/10/24
页码 873-877
中图分类号 TP393.03
文献标志码 A