摘要
软件定义网络(SDN)提出一种全新的网络设计理念,具有控制面与转发面分离、开放可编程接口以及网络集中控制等技术特点。利用SDN架构重构传统安全系统,通过网络安全能力软件服务化,能有效拓展可信网络应用空间,促进可信网络发挥更大的功效作用。鉴于此,针对传统可信网络亟待解决的安全性、可生存性及可控性问题,充分发挥SDN架构先进的网络设计理念和技术优势,提出全网关联融合的安全技术、低开销的网络抗毁生存架构、安全服务按需弹性部署等一系列SDN可信网络关键技术和突破路径,并进行分析和研究。
SDN(Software Defined Network) proposes a new network design concept, and this concept featurs the technical characteristics including separation of control plane and forwarding plane, open programmable interface and network centralized control. With SDN architecture for reconfiguration of traditional security system and via software and service oriented network security capability, the application space of the trustworthy network could be effectively broadened, and the role further promoted. This paper discusses a series of key technologies and breakthrough ways aimed at SDN trustworthy network.
出处
《通信技术》
2016年第8期1062-1067,共6页
Communications Technology
关键词
软件定义网络
可信网络
网络虚拟化
安全服务
SDN(Software Defined Network)
trustworthy network
network virtualization
security service
