| 摘要: |
| 提出一种以量子加密技术为核心的软件定义网络(Software-defined Network,SDN)的南向安全防护策略,建立了基于量子密钥分发的SDN网络模型并分析了该模型下的身份认证、量子密钥分发和自适应免疫窃听流程。推导出了本策略下窃听攻击强度、用于检测窃听的量子态数目的比例α、系统发现窃听者的概率、密钥分发效率之间的定量关系。通过动态仿真分析确立了不同攻击强度下系统参数α的最优选值区间。SDN控制器可根据该仿真结果,动态地决策系统中α的取值进行自适应免疫密钥分发,实施更为精准的窃听免疫方案。 |
| 关键词: 软件定义网络 量子密钥分发 自适应免疫;南向安全防护 |
| DOI: |
|
| 基金项目:国家自然科学基金资助项目(61971348);陕西省国际科技合作与交流计划项目(2015KW-013) |
|
| A Software-defined Network Southward Security Protection Strategy Based on Quantum Encryption |
| XIE Hui,NIE Min,YANG Guang |
| (1.School of Communication and Information Engineering,Xi′an University of Posts and Telecommunication,Xi′an 710121,China;1.School of Communication and Information Engineering,Xi′an University of Posts and Telecommunication,Xi′an 710121,China2.School of Electronics and Information,Northwestern Polytechnical University,Xi′an 710072,China) |
| Abstract: |
| A software-defined network(SDN) security-oriented strategy based on quantum encryption is proposed.The SDN network model based on quantum key distribution is established and the process of identity authentication,quantum key distribution and adaptive immune eavesdropping under the model is analyzed.The quantitative relationship among the strength of eavesdropping attack,the proportion α of quantum states used to detect eavesdropping,the probability of discovering eavesdroppers,and the efficiency of key distribution are derived.Through dynamic simulation analysis,the most preferable value interval for detecting the proportion of the number of eavesdropping particles under different attack strengths is obtained.The SDN controller can dynamically determine the value of α in the system for adaptive immune key distribution according to the selection interval corresponding to different attack strengths,and a more accurate eavesdropping immunization scheme can be implemented. |
| Key words: software-defined network quantum key distribution adaptive immunity southward security protection |
《电讯技术》编辑部 