基于CCSDS的空间网络跨层安全接入研究

Research of Layered Secure Access for Space Network Based on CCSDS

针对高度开放、拓扑多变的空间网络容易受到各种类型的攻击,仅在某一单独层次实施安全防护不能满足空间网络高等级的安全需求的问题,在深入分析CCSDS尤其是数据链路层AOS协议特点的基础上,提出一种空间网络跨层安全接入机制,在网络层和数据链路层建立一体化防护体系,探讨CCSDS协议体系下的实现方式,当对已认证节点信任发生变化时能进行自动调整和恢复,有效提高空间网络移动接入的安全性、适应性及接入性能。

Due to the open nature and the frequent network topology changes, space network is vulnerable to various attacks. It can not satisfy higher levels of security requirements of the space network that just implement protection in only one protocol layer. This paper analyzes thoroughly characteristic of CCSDS in particular in the data link layer Advanced Orbiting Systems（AOS） protocol, and proposes the layered secure accessmodel mechanism at the data link and network layers, expecting that it can establish integration access protection system. This paper also discusses the realization way under the CCSDS protocol system. When the trust to certain node that is authenticated changed, the mechanism proposed can automatic reaction in time, and enhance the security, the compatibility and performance of secure access.