RAISE:A Resilient Anonymous Information Sharing Environment  

作　　者：Ning Hu Ling Liu Xin Liu Kaijun Wu Yue Zhao 

机构地区：[1]Cyberspace Institute of Advanced Technology,Guangzhou University,Guangzhou,510006,China [2]Science and Technology on Communication Security Laboratory,The 30th Research Institute of China Electronics Technology Group Corporation,Chengdu,610041,China [3]College of Computer Engineering and Applied Math,Changsha University,Changsha,410022,China

出　　处：《Computer Modeling in Engineering & Sciences》2023年第12期2743-2759,共17页工程与科学中的计算机建模（英文）

基　　金：This work was supported by the National Natural Science Foundation of China(Grant No.61976064).

摘　　要：With the widespread application of cloud computing and network virtualization technologies,more and more enterprise applications are directly deployed in the cloud.However,the traditional TCP/IP network transmission model does not fully consider the information security issues caused by the uncontrollable internet environment.Network security communication solutions represented by encrypted virtual private networks(VPN)are facing multiple security threats.In fact,during the communication process,the user application needs to protect not only the content of the communication but also the behavior of the communication,such as the communication relationship,the communication protocol,and so on.Inspired by blockchain and software-defined networking technology,this paper proposes a resilient anonymous information sharing environment,RAISE.The RAISE system consists of user agents,a core switching network and a control cluster based on a consortium blockchain.User agents are responsible for segmenting,encrypting,and encapsulating user traffic.The core switching network forwards user traffic according to the rules issued by the controller,and the controller dynamically calculates the forwarding rules according to the security policy.Different from onion routing technology,RAISE adopts the controller to replace the onion routing model,which effectively overcomes the uncontrollability of nodes.The dispersed computing model is introduced to replace the TCP/IP pipeline transmission models,which overcomes the problems of anti-tracking and traffic hijacking that cannot be solved by VPNs.We propose a blockchain control plane framework,design the desired consensus algorithmand deploy a RAISE systemconsisting of 150 nodes in an internet environment.The experimental results show that the use of blockchain technology can effectively improve the reliability and security of the control plane.While maintaining high-performance network transmission,it further provides network communication security.

关 键 词：Software-defined anonymous communication network blockchain network communication security 

分 类 号：TP393.08[自动化与计算机技术—计算机应用技术]