一种面向Portal认证的IPv6可信地址分配机制  被引量:6

A general way to assign IPv6 trusted address under portal authentication

在线阅读下载全文

作  者:周江 李贺武 ZHOU Jiang;LI Hewu(Graduate School at Shenzhen,Tsinghua University,Shenzhen 518055,China;Beijing National Research Center for Information Science and Technology(BNRist),Beijing 100084,China;Institute for Network Sciences and Cyberspace,Tsinghua University,Beijing 100084,China)

机构地区:[1]清华大学深圳研究生院,广东深圳518055 [2]北京信息科学与技术国家研究中心,北京100084 [3]清华大学网络科学与网络空间研究院,北京100084

出  处:《电信科学》2019年第12期8-14,共7页Telecommunications Science

基  金:国家重点研发计划基金资助项目(No.2017YFB0801702)~~

摘  要:随着网络规模的增长,对网络进行精细化管控变得尤为重要。在下一代互联网中将用户可信身份嵌入IPv6地址后缀形成可信地址,能够进一步提高网络行为的可追溯性。目前已有研究基于Portal认证配合DHCPv6将用户的身份信息嵌入用户终端的IPv6地址中,但是为了分配可信地址而改动的DHCPv6过程造成了机制对用户终端不透明,无法大规模部署。提出了一种面向Portal认证的IPv6可信地址分配机制,通过服务器信令交互配合软件定义网络(SDN)技术实现IPv6可信地址的间接分配,而且与地址分配方式无关。最后,实现了一个原型系统并在江苏南京电信现网机房评估了其可行性和性能,结果表明此机制在对终端透明的情况下仅带来很少的额外开销。As the network scale grows,it is especially important to fine-tune the network.In the next-generation Internet,embedding the user’s trusted identity into the IPv6 address suffix to assign trusted addresses can further improve the traceability of network behavior.At present,many studies have attempted to embed the user’s identity information into IPv6 addresses based on portal authentication and DHCPv6,but the modification of DHCPv6 makes it not transparent to the terminal.A mechanism for trusted address assignment in IPv6 networks based on portal authentication was proposed.The collaboration between servers and software-defined networking(SDN)technology was used to realize the indirect assignment of IPv6 trusted addresses.Finally,a prototype system was implemented and its feasibility and performance were evaluated in the network of Nanjing Telecom in Jiangsu.The results show that the mechanism only brings little overhead and it is transparent to the terminal.

关 键 词:地址分配 可信地址 IPV6 软件定义网络 

分 类 号:TP393[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象