摘要
标识网络作为一种新型的网络体系结构,服务于重要用户高安全、高服务质量和高效率的特殊需求,并把安全可控、简洁高效作为首要原则。提出了一种转控融合的标识网络安全控制技术。首先基于身份加密标识密码实现终端、路由器和认证服务器间的安全接入认证;其次基于自主设计的标识映射安全绑定和分布式自同步技术,实现主机和路由器标识绑定关系在标识网中的自分发和自建立;最后通过控制层到转发层的认证状态同步和自定义IP扩展报文专用转发,实现内生安全架构下的高安全标识认证和转控融合安全控制。
As a new type of network architecture,the signage network serves the special needs of important users for high security,high service quality and high efficiency,and takes security and control,simplicity and efficiency as the primary principle.In this paper,a transfer-control fusion technique for signage networks security control is proposed.First,based on the identity encryption identification cryptography,secure access authentication between the terminal,router and authentication server is achieved.Then,based on the self-designed identity mapping security binding and distributed self-synchronization technology,the self-distribution and self-establishment of host and router identity binding relationships in the identity network are achieved.Finally,through the synchronization of the authentication status from the control layer to the forwarding layer and the dedicated forwarding of custom IP extended packets,high-security identity authentication and transfer-control fusion security control under endogenous security architecture is achieved.
作者
吴捷
李鉴
贾永兴
王立
王雄
WU Jie;LI Jian;JIA Yongxing;WANG Li;WANG Xiong(No.30 Institute of CETC,Chengdu Sichuan 610041,China;School of Information and Communication Engineering,University of Electronic Science and Technology of China,Chengdu Sichuan 611731,China)
出处
《通信技术》
2024年第10期1079-1087,共9页
Communications Technology
基金
国家自然科学基金(62072079)。
关键词
转控融合
标识绑定自同步
标识认证
专用转发
transfer-control fusion
identity binding self-synchronization
identification authentication
dedicated forwarding
