Multi-domain optical network security optical tree establishing system and method based on distributed PCE

A network security and multi-domain optical technology, applied in the field of multi-domain optical network multicast optical tree establishment system, can solve the problem of not considering the safety factors of cross-domain road construction

Active Publication Date: 2020-04-17
ENG UNIV OF THE CHINESE PEOPLES ARMED POLICE FORCE
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The purpose of the present invention is to provide a distributed PCE-based multi-domain optical network security optical tree establishment system and method, to solve the problem in the prior art that most of the security optical tree establishment methods in the prior art are based on a layered PCE architecture The following, which does not consider the security factors of cross-domain road construction and is only applicable to unicast issues

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Multi-domain optical network security optical tree establishing system and method based on distributed PCE
  • Multi-domain optical network security optical tree establishing system and method based on distributed PCE
  • Multi-domain optical network security optical tree establishing system and method based on distributed PCE

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0100] In this embodiment, a distributed PCE-based multi-domain optical network security optical tree establishment system is disclosed, which is used to establish a secure optical tree in the distributed PCE multi-domain optical network. The system includes a security service module and a trust management module. And key management module;

[0101] The security service module is used to provide message encryption and decryption, identity authentication, source authentication, privacy protection and digital signature services when the security optical tree is established;

[0102] The trust management module is used to provide trust value calculation services when the safety optical tree is established;

[0103] The key management module is used to complete the generation, distribution and update of keys when the secure optical tree is established;

[0104] The security service module includes a message encryption and decryption unit, an identity authentication unit, a source authenti...

Embodiment 2

[0161] In this embodiment, a method for establishing a multi-domain optical network security optical tree based on distributed PCE is provided. Using the distributed PCE-based multi-domain optical network security optical tree establishment system as in the first embodiment, in the distributed PCE The multi-domain optical network establishes a secure optical tree from the source node to the destination node. The multi-domain optical network includes multiple domains, each domain includes a PCE, and the PCE of the domain where the source node is located is the source domain PCE;

[0162] The method is executed in the following steps:

[0163] Step 1. The destination node invokes the identity authentication unit to perform identity authentication on the source node. If the authentication is passed, a multicast tree establishment request is generated; otherwise, the establishment of the multicast tree fails and communication is interrupted;

[0164] The source node calls the session key...

Embodiment 3

[0230] In this embodiment, the distributed PCE-based multi-domain optical network security optical tree establishment system and method provided by the present invention are verified. NS-2 is used for experiments, and based on the optical network simulation system SSANS, the PH-PCE protocol, The HDTD protocol and the relevant modules of the system and method provided by the present invention also embed NSBench script generation software and Gnuplot graphics drawing software into NS-2. Design and generate experimental network topology through NSBench such as Figure 5 As shown, each domain implements 20 nodes and 29 communication links. The number of domains i can be set according to actual needs. The HDTD protocol and the network topology of the system and method provided by the present invention need to add pPCE, set the pPCE calculation boundary node and The abstract path time is 25ms. In the experiment, the average rate of arrival of the path request message PCReq obeys the P...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a multi-domain optical network security optical tree establishing system and method based on distributed PCE. In a distributed PCE architecture, a trust model, a multicast routing algorithm, a GKMS-DA key management scheme and multiple security mechanisms are fused to ensure stable establishment of a security optical tree. Compared with a typical layered PCE-based protocol,the protocol has better performance in the aspects of network connection blocking rate, multicast tree establishment time and data packet delivery rate in a malicious environment.

Description

Technical field [0001] The present invention relates to a multi-domain optical network multicast optical tree establishment system and method, in particular to a multi-domain optical network security optical tree establishment system and method based on distributed PCE. Background technique [0002] With the rapid development of streaming media services such as optical network technology and video surveillance, it is more and more common for people to conduct services in the form of multicast at the optical layer. However, the establishment of an optical layer multicast tree faces security threats such as identity forgery attacks, message tampering, replay attacks, and so on. Therefore, how to build a multi-domain optical network multicast tree that meets security requirements is very important. [0003] For the establishment of a secure multicast tree for multi-domain optical networks, some research results have been achieved at home and abroad. In RFC5520 and RFC5920, the securi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/761H04L12/753H04L12/721H04L29/06H04Q11/00H04L9/08H04L9/32H04L45/16
CPCH04L45/16H04L45/48H04L9/0836H04L63/065H04L63/0428H04L45/62H04Q11/0062H04L9/3252H04L9/3247H04Q2011/0073
Inventor 吴启武周阳姜灵芝甘波
Owner ENG UNIV OF THE CHINESE PEOPLES ARMED POLICE FORCE
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap