摘要
计算机网络基础设施及其管理的可扩展性和灵活性使得用户数量不断增长,随之而来的安全性问题是服务提供商以及用户关注的重点。提出了一个符合“安全即服务”范式的安全模型,采用NFV和SDN技术,使用以用户为中心的方法,允许从用户首选项开始自定义安全服务。选择一种有效的方法来配置虚拟网络安全功能,在虚拟机和容器案例场景中对模型和基础设施进行测试。结果显示,采用轻量级虚拟化可以极大地缩短网络安全服务的实例化时间,进而提高网络安全服务的性能,为计算机网络安全方式方法选用提供了参考。
The extensibility and flexibility of network infrastructure and its management helps raise the number of computer network users,however,it also bring the security problem which becomes the focus of providers and users.Based on this,a security framework in line with the“Security-as-a-Service”paradigm is proposed.A user-centric approach,leveraging NFV and SDN technologies is proposed,which allows users to customize security services from user preferences.An effective method is chosen to configure the virtual network security function,and test the model and infrastructure in the virtual machine and container case scenario.The test results show that lightweight virtualization can greatly shorten the instantiation time of network security services,and thus improve the performance of network security services,providing reference for selection of computer network security method.
作者
俞五炎
张亮
史业宏
孙妮
朱虹
杜文红
YU Wu-yan;ZHANG Liang;SHI Ye-hong;SUN Ni;ZHU Hong;DU Wen-hong(School of Aeronautical Engineering Air Force Engineering University,Xi’an 710038,China)
出处
《信息技术》
2022年第3期36-41,共6页
Information Technology
基金
中国航空学会专项课题(20171396)。
关键词
安全即服务
安全服务管理器
软件定义网络
网络功能
虚拟网络
security-as-a-service
security service manager
software-defined network
network function
virtual network
