摘要
The long authentication handover delay is the greatest challenge in multi-domain SDN environment. In order to solve this problem, an authentication handover mechanism under multi-SDN domain(AHMMD) is proposed in this paper. In AHMMD, firstly, when the mobility entity accesses the network for the first time, its identity and service attributes are authenticated by the flow authentication protocol, which is designed based on the asymmetric encryption key; secondly, when the mobility entity moves to the neighbor domain, the authentication information will be delivered from the current controller to the neighborhood controller through a security communication channel. In order to promote the efficiency, a handover time prediction algorithm is adopted in AHMMD. Experimental results based on our AHMMD prototype have shown that the handover delay decreases by 50% while the handover cost decreases by 60%.
The long authentication handover delay is the greatest challenge in multi-domain SDN environment. In order to solve this problem, an authentication handover mechanism under multi-SDN domain(AHMMD) is proposed in this paper. In AHMMD, firstly, when the mobility entity accesses the network for the first time, its identity and service attributes are authenticated by the flow authentication protocol, which is designed based on the asymmetric encryption key; secondly, when the mobility entity moves to the neighbor domain, the authentication information will be delivered from the current controller to the neighborhood controller through a security communication channel. In order to promote the efficiency, a handover time prediction algorithm is adopted in AHMMD. Experimental results based on our AHMMD prototype have shown that the handover delay decreases by 50% while the handover cost decreases by 60%.
基金
supported in part by the National Natural Science Foundation of China under Grant No.61402521
Jiangsu Province Natural Science Foundation of China under Grant No.BK20140068
