| 可信服务链安全架构研究 |
| |
| 引用本文: | 蒋 华,闫一凡,鞠 磊.可信服务链安全架构研究[J].计算机应用研究,2018,35(4). |
| |
| 作者姓名: | 蒋 华 闫一凡 鞠 磊 |
| |
| 作者单位: | 北京电子科技学院 通信工程系,西安电子科技大学 通信工程学院,北京电子科技学院 通信工程系 |
| |
| 基金项目: | 国家自然科学基金资助项目(61640216) |
| |
| 摘 要: | 针对网络功能虚拟化中服务链的安全性问题,提出一种基于可信计算的安全服务链架构。首先,基于可信计算为网络功能虚拟化架构设置可信管理中心模块,为虚拟网络功能实例的生成、服务链的生成和调整提供可信认证;然后,针对服务链的生成和调整设计了相关安全协议;最后,将HOTP协议引入模型之中,实现了服务链各实例之间的安全认证与安全传输,并支持服务链节点的动态扩充和调整。经过架构仿真分析表明,本安全架构在保证服务链动态性的同时提高了安全性。
|
| 关 键 词: | 网络功能虚拟机化 服务链 虚拟机 可信计算 |
| 收稿时间: | 2016/12/23 0:00:00 |
| 修稿时间: | 2018/2/24 0:00:00 |
Research on secure framework for trusted service chain |
| |
| jiang hu,yan yi fan and ju lei.Research on secure framework for trusted service chain[J].Application Research of Computers,2018,35(4). |
| |
| Authors: | jiang hu yan yi fan and ju lei |
| |
| Affiliation: | Communication Engineering Department, Beijing Electronic Science & Technology Institute,, |
| |
| Abstract: | According to the security of service chain for virtualized network function, this paper proposed a security service chain architecture based on trusted computing. Firstly, it set up a trusted management center module for the network function virtualized architecture based on trusted computing, which provided credible authentication for the generation of the virtual network function instance and the generation and adjustment of the service chain. Then, this paper designed the security protocols for the process of generation and adjustment of service chain. Finally, it introduced the HOTP protocol into the model to realize the secure authentication and secure transmission between the instances of the service chain, and supported the dynamic expansion and adjustment of the service chain nodes. The architecture simulation and analysis results show that the security architecture improves the security while guaranteeing the dynamic of the service chain. |
| |
| Keywords: | network function virtualization service chain virtual machine trusted computing |
|
| 点击此处可从《计算机应用研究》浏览原始摘要信息 |
|
点击此处可从《计算机应用研究》下载全文 |
|
