Software-defined network packet forwarding verification scheme based on attribute-based signatures identification
Aiming at the lack of effective forwarding verification mechanism for packet in software defined network (SDN), a data packet forwarding verification scheme based on attributed-based signatures identification was proposed.First, the attribute signature identification was generated according to the u...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2021-06-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2021079/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841539270513262592 |
|---|---|
| author | Chaowen CHANG Jianshu JIN Peisheng HAN Xianwei ZHU |
| author_facet | Chaowen CHANG Jianshu JIN Peisheng HAN Xianwei ZHU |
| author_sort | Chaowen CHANG |
| collection | DOAJ |
| description | Aiming at the lack of effective forwarding verification mechanism for packet in software defined network (SDN), a data packet forwarding verification scheme based on attributed-based signatures identification was proposed.First, the attribute signature identification was generated according to the user's identity attribute, and the data packet was marked by the attribute signature identification.Then, the P4 forwarding device was used to control accurately and sample the data packet.The controller verified the attribute signature of the sampled data packet.The OpenFlow forwarding device processes the abnormal data packets according to the flow table issued by the controller.Finally, a multi-controllers architecture was constructed to avoid the single point failure of the controller.The results of the experiment indicate that the scheme can achieve accurate control and sampling of data packet, effectively detect the forwarding abnormal behaviors such as packet tampering and forgery, and the network delay is within the range of feasible communication delay. |
| format | Article |
| id | doaj-art-4151b4458a9e46b59289df517002ee53 |
| institution | Kabale University |
| issn | 1000-436X |
| language | zho |
| publishDate | 2021-06-01 |
| publisher | Editorial Department of Journal on Communications |
| record_format | Article |
| series | Tongxin xuebao |
| spelling | doaj-art-4151b4458a9e46b59289df517002ee532025-01-14T07:22:10ZzhoEditorial Department of Journal on CommunicationsTongxin xuebao1000-436X2021-06-014213114459742167Software-defined network packet forwarding verification scheme based on attribute-based signatures identificationChaowen CHANGJianshu JINPeisheng HANXianwei ZHUAiming at the lack of effective forwarding verification mechanism for packet in software defined network (SDN), a data packet forwarding verification scheme based on attributed-based signatures identification was proposed.First, the attribute signature identification was generated according to the user's identity attribute, and the data packet was marked by the attribute signature identification.Then, the P4 forwarding device was used to control accurately and sample the data packet.The controller verified the attribute signature of the sampled data packet.The OpenFlow forwarding device processes the abnormal data packets according to the flow table issued by the controller.Finally, a multi-controllers architecture was constructed to avoid the single point failure of the controller.The results of the experiment indicate that the scheme can achieve accurate control and sampling of data packet, effectively detect the forwarding abnormal behaviors such as packet tampering and forgery, and the network delay is within the range of feasible communication delay.http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2021079/software-defined networkattribute signatureforwarding verificationP4 forwarding device |
| spellingShingle | Chaowen CHANG Jianshu JIN Peisheng HAN Xianwei ZHU Software-defined network packet forwarding verification scheme based on attribute-based signatures identification Tongxin xuebao software-defined network attribute signature forwarding verification P4 forwarding device |
| title | Software-defined network packet forwarding verification scheme based on attribute-based signatures identification |
| title_full | Software-defined network packet forwarding verification scheme based on attribute-based signatures identification |
| title_fullStr | Software-defined network packet forwarding verification scheme based on attribute-based signatures identification |
| title_full_unstemmed | Software-defined network packet forwarding verification scheme based on attribute-based signatures identification |
| title_short | Software-defined network packet forwarding verification scheme based on attribute-based signatures identification |
| title_sort | software defined network packet forwarding verification scheme based on attribute based signatures identification |
| topic | software-defined network attribute signature forwarding verification P4 forwarding device |
| url | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2021079/ |
| work_keys_str_mv | AT chaowenchang softwaredefinednetworkpacketforwardingverificationschemebasedonattributebasedsignaturesidentification AT jianshujin softwaredefinednetworkpacketforwardingverificationschemebasedonattributebasedsignaturesidentification AT peishenghan softwaredefinednetworkpacketforwardingverificationschemebasedonattributebasedsignaturesidentification AT xianweizhu softwaredefinednetworkpacketforwardingverificationschemebasedonattributebasedsignaturesidentification |