Integrating mobility and security in the network layer has become a key factor for Future Internet Architecture(FIA). This paper proposes a secure mobility support mechanism in e Xpressive Internet Architecture(XIA),a...Integrating mobility and security in the network layer has become a key factor for Future Internet Architecture(FIA). This paper proposes a secure mobility support mechanism in e Xpressive Internet Architecture(XIA),a new FIA currently under development as part of the US National Science Foundation's(NSF) program. Utilizing the natural features of ID/locator decoupling and versatile routing in XIA, a general mechanism to support host mobility is proposed. Exploiting the self-certifying identifier, a secure binding update protocol to overcome the potential threats introduced by the proposed mobility support mechanism is also given. We demonstrate that our design in XIA outperforms IP based solutions in terms of efficiency and flexibility. We also outline our initial design to illustrate one derivative benefit of an evolvable architecture:mobility support customizability with no sacrifice of architectural generality.展开更多
在IP网络中,虚拟机跨子网迁移后其网络地址发生了变化,将面临IP移动性问题。主要研究如何在未来网络体系结构—XIA(expressive internet architecture)中解决这一问题。利用XIA中标识与地址分离、基于DAG(directed acyclic graphs)的灵...在IP网络中,虚拟机跨子网迁移后其网络地址发生了变化,将面临IP移动性问题。主要研究如何在未来网络体系结构—XIA(expressive internet architecture)中解决这一问题。利用XIA中标识与地址分离、基于DAG(directed acyclic graphs)的灵活路由等特性,提出了基于集合点代理的虚拟机在线迁移方法,并进行了具体实现和实验验证。结果表明,所提出的方法可满足虚拟机迁移后与通信对端网络连接的快速恢复,并具备控制平面简单和数据平面高效的优点。展开更多
基金supported by NSFC (No.61672060)National High Technology Research and Development Program of China (863 Program, No.2015AA015701)
文摘Integrating mobility and security in the network layer has become a key factor for Future Internet Architecture(FIA). This paper proposes a secure mobility support mechanism in e Xpressive Internet Architecture(XIA),a new FIA currently under development as part of the US National Science Foundation's(NSF) program. Utilizing the natural features of ID/locator decoupling and versatile routing in XIA, a general mechanism to support host mobility is proposed. Exploiting the self-certifying identifier, a secure binding update protocol to overcome the potential threats introduced by the proposed mobility support mechanism is also given. We demonstrate that our design in XIA outperforms IP based solutions in terms of efficiency and flexibility. We also outline our initial design to illustrate one derivative benefit of an evolvable architecture:mobility support customizability with no sacrifice of architectural generality.
文摘在IP网络中,虚拟机跨子网迁移后其网络地址发生了变化,将面临IP移动性问题。主要研究如何在未来网络体系结构—XIA(expressive internet architecture)中解决这一问题。利用XIA中标识与地址分离、基于DAG(directed acyclic graphs)的灵活路由等特性,提出了基于集合点代理的虚拟机在线迁移方法,并进行了具体实现和实验验证。结果表明,所提出的方法可满足虚拟机迁移后与通信对端网络连接的快速恢复,并具备控制平面简单和数据平面高效的优点。
