CN106850682A - Data safe transmission method in space-air-ground integration information network - Google Patents
Data safe transmission method in space-air-ground integration information network Download PDFInfo
- Publication number
- CN106850682A CN106850682A CN201710172305.4A CN201710172305A CN106850682A CN 106850682 A CN106850682 A CN 106850682A CN 201710172305 A CN201710172305 A CN 201710172305A CN 106850682 A CN106850682 A CN 106850682A
- Authority
- CN
- China
- Prior art keywords
- data
- data block
- path
- transmission
- paths
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
Abstract
The invention provides the data safe transmission method in a kind of space-air-ground integration information network.The method mainly includes:The number of available path is detected, the relative importance value of each bar available path is calculated by priority appraisement model;Based on the size, the bandwidth of each bar available path and the relative importance value that need transmission data, judged according to the routing strategy of setting, the selected n paths to be used;The data of transmission will be needed to be divided into m data block, m data block is respectively allocated to the n paths, coding transmission is carried out to data block on every paths.Angle of the present invention from data transfer, the method transmitted using former data point mulitpath, propose the data transmission method in a kind of empty world network, improve the security of data transfer, pass through priority appraisement model simultaneously, the good path of selection carries out data transmission, it is also possible to effectively lift the speed and efficiency of data transfer.
Description
Technical field
The present invention relates to the data peace in technical field of information communication, more particularly to a kind of space-air-ground integration information network
Full transmission method.
Background technology
Space-air-ground integration information network is a kind of integrated network of multilayer, including various space bases, space-based and land-based communication
System, network node includes various communications platforms, aircraft, different tracks, different types of satellite and ground special station.It is empty
Incorporate information network is the integrated network system in land, sea, air, day, with autonomous acquisition of information, storage, treatment
And distribution capability.Combined ground station, empty world informatization and network can be advantageously applied to the aspects such as meteorology, military affairs.
Substantial amounts of research shows:Space broadband network will form huge space-exploitation;Aerospace information is directly supported to fight
Depend on networking support;The unique location that space-air-ground integration information network has can form distinctive letter with regional superiority
Breath service ability, drives the development of new industry, with the great potential for forming core competitiveness.Its achievement in research will be future
The construction of Incorporate network provides theory support, and the development to promoting related discipline has important scientific meaning.
A kind of data in space-air-ground integration information network transmit topological diagram as shown in figure 1, space-air-ground integration information
Network environment is sufficiently complex, due to when extend, the bit error rate is high, channel is asymmetric, limited bandwidth resources, high dynamic characteristic etc.
Feature, and the type of service for carrying has diversity, is brought challenges to information transmitting.During data transfer,
It is easily received eavesdropping and attacks, with the continuous expansion of empty world network application scope, the day that the leakage problem of data also becomes
Beneficial serious, the problem for thus causing often is directly connected to nation's security.With national interests such as China ocean, spaces not
Disconnected to expand, internal security emergency event disposal, and space science explores deepening continuously for task dispatching, and space-air-ground integration is believed
Breath network cross-region, across spatial domain secure communication, transmission have proposed requirement higher, and the security threat that it faces is more obvious.Currently,
Empty world network Development is gradually ripe, and scale and application are also increasingly grown, but effective data safe transmission method is very scarce
It is weary.So in order to better profit from sky world network service in the application of the aspects such as military affairs, the people's livelihood, space-air-ground integration Information Network
The Security Data Transmission problem of network is badly in need of solving.
Method during traditional space-air-ground integration data transmission in network generally using data encryption carries out data biography
It is defeated, by the method such as different encryptions, key be shared, the transmission of data is completed, the eavesdropping that attacker is resisted with this is intercepted.It is empty
Incorporate information network is a kind of distributed frame of high opening wireless mode, thus easily eavesdropped, invaded, net
The security threats such as service are attacked and refused to network.
It is therefore proposed that the data safe transmission method in a kind of space-air-ground integration information network is extremely necessary.
The content of the invention
The embodiment provides the data safe transmission method in a kind of space-air-ground integration information network, with reality
Effectively safety-oriented data transfer in present space-air-ground integration information network.
To achieve these goals, this invention takes following technical scheme.
A kind of data safe transmission method in space-air-ground integration information network, including:
The number of available path is detected, the relative importance value of each bar available path is calculated by priority appraisement model;
Based on the size, the bandwidth of each bar available path and the relative importance value that need transmission data, according to the Path selection of setting
Strategy judged, the selected n paths to be used;
The data of transmission will be needed to be divided into m data block, m data block is respectively allocated to the n paths, at every
Coding transmission is carried out to data block on path.
Further, the number of described detection available path, each bar available path is calculated by priority appraisement model
Relative importance value, including:
In data sending terminal, each bar available path is detected, the transmission range Y of each bar available path is determined, according to each bar
The bandwidth occupancy rate of available path determines the path free time degree X of each bar available path respectively, is calculated respectively by formula below
The relative importance value of bar available path:
θiI-th relative importance value of available path is represented, k is the total number of available path, and the weight of path free time degree X is α,
Destination is β, X apart from the weight of YiRepresent i-th path free time degree of available path, YiRepresent i-th transmission of available path
Distance.
Further, the described data of transmission that will need are divided into m data block, including:
The data of transmission will be needed to be divided into m data block, the maximum length of each data block is 1400 bytes, will be per number
It is numbered according to block, last data block numbering is 0, represents deblocking and terminates, in the head and afterbody of each data block
Increase verification and.
Further, it is described that m data block is respectively allocated to the n paths, including:
According to the sequence of relative importance value, with reference to confidentiality and the demand of cheap property, following routing strategy is formulated:
As k=1, n=1
Work as k>When 1, n meets
Finally determine selected n paths.
Further, it is described that coding transmission is carried out to data block on every paths, including:
Receiving terminal node per paths all with continental rise on ground private network in aggregation node connection, per paths
The aggregation node that the data that end end node will be received are transferred in the private network of ground;
Whether whether correctly the aggregation node verification converges the data block for receiving, received according to data number inspection data block
Collection is complete, and the data block for lacking requires that data sending terminal is reissued according to numbering;
Transmitting terminal is received after reissuing request, is reissued on the path that data block is circulated in selection successively.
The technical scheme provided by embodiments of the invention described above can be seen that angle of the embodiment of the present invention from data transfer
Degree sets out, a kind of method transmitted using former data point mulitpath, it is proposed that the data transmission method in empty world network, carries
The security of data transfer is risen, while by priority appraisement model, selecting good path to carry out data transmission, it is also possible to
Effectively lift the speed and efficiency of data transfer.
The additional aspect of the present invention and advantage will be set forth in part in the description, and these will become from the following description
Obtain substantially, or recognized by practice of the invention.
Brief description of the drawings
Technical scheme in order to illustrate more clearly the embodiments of the present invention, below will be to that will use needed for embodiment description
Accompanying drawing be briefly described, it should be apparent that, drawings in the following description are only some embodiments of the present invention, for this
For the those of ordinary skill of field, without having to pay creative labor, other can also be obtained according to these accompanying drawings
Accompanying drawing.
Fig. 1 is the data transmission topological diagram in a kind of space-air-ground integration information network of the prior art;
Fig. 2 is the data safe transmission method in a kind of space-air-ground integration information network provided in an embodiment of the present invention
Process chart.
Fig. 3 is the transmission of selection path and the example explanation reissued of a kind of data transmission procedure provided in an embodiment of the present invention
Figure.
Specific embodiment
Embodiments of the present invention are described below in detail, the example of the implementation method is shown in the drawings, wherein ad initio
Same or similar element or element with same or like function are represented to same or similar label eventually.Below by ginseng
The implementation method for examining Description of Drawings is exemplary, is only used for explaining the present invention, and is not construed as limiting the claims.
Those skilled in the art of the present technique are appreciated that unless expressly stated, singulative " " used herein, " one
It is individual ", " described " and " being somebody's turn to do " may also comprise plural form.It is to be further understood that what is used in specification of the invention arranges
Diction " including " refer to the presence of the feature, integer, step, operation, element and/or component, but it is not excluded that in the presence of or addition
One or more other features, integer, step, operation, element, component and/or their group.It should be understood that when we claim unit
Part is " connected " or during " coupled " to another element, and it can be directly connected or coupled to other elements, or can also exist
Intermediary element.Additionally, " connection " used herein or " coupling " can include wireless connection or coupling.Wording used herein
"and/or" includes one or more associated any cells for listing item and all combines.
Those skilled in the art of the present technique are appreciated that unless otherwise defined, all terms used herein (including technology art
Language and scientific terminology) have with art of the present invention in those of ordinary skill general understanding identical meaning.Should also
Understand, those terms defined in such as general dictionary should be understood that the meaning having with the context of prior art
The consistent meaning of justice, and unless defined as here, will not be with idealizing or excessively formal implication be explained.
For ease of the understanding to the embodiment of the present invention, done by taking several specific embodiments as an example further below in conjunction with accompanying drawing
Explanation, and each embodiment does not constitute the restriction to the embodiment of the present invention.
In space-air-ground integration information network due to node spacing farther out, easily it is disturbed, propagation delay time is larger, is easily subject to
Security threat and attack.In order to overcome the unsafe problem of data transfer in traditional scheme, the present invention is by by deblocking, compiling
Mulitpath transmission is selected after code, continental rise is reached, the method that ground private network is converged is walked, the peace such as eavesdropping, interception is resisted
It is complete to threaten.
The embodiment of the present invention completes the peace of data by the way that data are carried out with the processes such as piecemeal, coding transmission, convergence, verification
Full transmission, there is provided a kind of space-air-ground integration information network in data safe transmission method handling process as shown in Fig. 2
Including following process step:
The number of step S210, detection available path, the preferential of each bar available path is calculated by priority appraisement model
Degree θ simultaneously sorts.
In transmitting terminal, selected path free time degree X and transmission range Y are reference, the main bandwidth by path of path free time degree
Occupation rate determines that the initiating terminal in daily path and end end can differ.
The weight of path free time degree X is α, and destination is β apart from the weight of Y, and the expression formula of heat source degree θ is:
Wherein k is the total number of available path, θiThe relative importance value of the i-th paths is represented, value is bigger, and the relative importance value that represents is higher,
In formula using "-" represent idle degree it is bigger, distance it is more remote, then relative importance value is higher, and path is better, and path is completed from high to low
Sequence.
Step S220, based on needing to transmit the size of data, path bandwidth and heat source degree, selected according to the path of setting
Select strategy to be judged, the selected n paths to be used, wherein 1≤n≤4.
According to the sequence of relative importance value, with reference to confidentiality and the demand of cheap property, strategy chosen below is formulated:
As k=1, n=1
Work as k>When 1, n meets
Finally determine selected number of passes n.
Step S230, in transmitting terminal, it would be desirable to the data of transmission are divided into m blocks, and n paths are given according to being sequentially allocated by m block numbers,
Coding transmission is carried out to distributed data on per paths.
Because the length maximum of data directly depends on the limitation of bottom.In order to avoid IP fragmentation and reassembly, data are set most
Long length is 1400 bytes.
By deblocking, size is 1400B/ blocks.Data block is numbered, last block data number is 0, represents number
Terminate according to piecemeal.Increase verification and, it is ensured that data correctness.Increase end to end, statistics block integrality and inspection can be reached
Test the purpose of data block correctness.Step S240, per paths receiving terminal node all with continental rise on ground private network in
Aggregation node is connected, the aggregation node that the data that the end end node per paths will be received are transferred in the private network of ground.
Fig. 3 is a kind of selection path transmission of data transmission procedure provided in an embodiment of the present invention and the example explanatory diagram reissued.
Step S250, aggregation node verification converge whether the data block for receiving is correct, and whether piecemeal number is complete, if mistake
Or it is imperfect, it is required that reissuing.
Whether collected completely according to data number inspection data block, the data block for lacking requires data sending terminal according to numbering
Reissue.Transmitting terminal is received after reissuing request, is reissued on the path that data block is circulated in selection successively.
The present invention solves existing method and is difficult to provide enough to data transmission procedure in space-air-ground integration information network
Safety guarantee problem.The comparing of security can be found out by table 1:
Table 1
Single path is transmitted | Many (n) paths are transmitted | |
Safe probability | 1-p | 1-pn |
Wherein p (0<p<1) it is ravesdropping for path, intercepts etc. and meets with the probability attacked, n (n>1) for the present invention carries out data
The path number selected during transmission, when constant by attack Probability p, it is seen that single path transmission means safe probability is constant, a plurality of
Path transmission mode rises with the build up index of n, and security is greatly improved.Therefore from the point of view of considering, the method
Security performance in a network is better than single path transmission method, and especially n is bigger, and advantage embodies more obvious.
In sum, the embodiment of the present invention is transmitted from the angle of data transfer using former data point mulitpath
A kind of method, it is proposed that the data transmission method in empty world network, improves the security of data transfer, while by preferential
Degree evaluation model, selects good path to carry out data transmission, it is also possible to effectively to lift the speed and efficiency of data transfer.When one
When the data of bar part path are stolen by attacker, a part for former data is also simply obtained, it is impossible to will by the data for obtaining
Former data complete information is restored.The program has good secret protection performance, and the peace of data is protected to a certain extent
Entirely.
One of ordinary skill in the art will appreciate that:Accompanying drawing is the schematic diagram of one embodiment, module in accompanying drawing or
Flow is not necessarily implemented necessary to the present invention.
As seen through the above description of the embodiments, those skilled in the art can be understood that the present invention can
Realized by the mode of software plus required general hardware platform.Based on such understanding, technical scheme essence
On the part that is contributed to prior art in other words can be embodied in the form of software product, the computer software product
Can store in storage medium, such as ROM/RAM, magnetic disc, CD, including some instructions are used to so that a computer equipment
(can be personal computer, server, or network equipment etc.) performs some of each embodiment of the invention or embodiment
Method described in part.
Each embodiment in this specification is described by the way of progressive, identical similar portion between each embodiment
Divide mutually referring to what each embodiment was stressed is the difference with other embodiment.Especially for device or
For system embodiment, because it is substantially similar to embodiment of the method, so describing fairly simple, related part is referring to method
The part explanation of embodiment.Apparatus and system embodiment described above is only schematical, wherein the conduct
Separating component explanation unit can be or may not be it is physically separate, the part shown as unit can be or
Person may not be physical location, you can with positioned at a place, or can also be distributed on multiple NEs.Can be with root
Some or all of module therein is factually selected the need for border to realize the purpose of this embodiment scheme.Ordinary skill
Personnel are without creative efforts, you can to understand and implement.
The above, the only present invention preferably specific embodiment, but protection scope of the present invention is not limited thereto,
Any one skilled in the art the invention discloses technical scope in, the change or replacement that can be readily occurred in,
Should all be included within the scope of the present invention.Therefore, protection scope of the present invention should be with scope of the claims
It is defined.
Claims (5)
1. the data safe transmission method in a kind of space-air-ground integration information network, it is characterised in that including:
The number of available path is detected, the relative importance value of each bar available path is calculated by priority appraisement model;
Based on the size, the bandwidth of each bar available path and the relative importance value that need transmission data, according to the routing strategy of setting
Judged, the selected n paths to be used;
The data of transmission will be needed to be divided into m data block, m data block is respectively allocated to the n paths, in every paths
On coding transmission is carried out to data block.
2. method according to claim 1, it is characterised in that the number of described detection available path, by relative importance value
Evaluation model calculates the relative importance value of each bar available path, including:
In data sending terminal, each bar available path is detected, determine the transmission range Y of each bar available path, it is available according to each bar
The bandwidth occupancy rate in path determines the path free time degree X of each bar available path respectively, and calculating each bar by formula below can
With the relative importance value in path:
θiI-th relative importance value of available path is represented, k is the total number of available path, and the weight of path free time degree X is α, purpose
Ground is β, X apart from the weight of YiRepresent i-th path free time degree of available path, YiRepresent i-th transmission distance of available path
From.
3. method according to claim 2, it is characterised in that the described data of transmission that will need are divided into m data block,
Including:
The data of transmission will be needed to be divided into m data block, the maximum length of each data block is 1400 bytes, by each data block
It is numbered, last data block numbering is 0, represents deblocking and terminates, increases in the head and afterbody of each data block
Verification and.
4. method according to claim 3, it is characterised in that described m data block is respectively allocated to the n bars road
Footpath, including:
According to the sequence of relative importance value, with reference to confidentiality and the demand of cheap property, following routing strategy is formulated:
As k=1, n=1
Work as k>When 1, n meets
Finally determine selected n paths.
5. method according to claim 4, it is characterised in that described carries out coding biography on every paths to data block
It is defeated, including:
Per paths receiving terminal node all with continental rise on ground private network in aggregation node connection, per paths end
The data that end node will be received are transferred to the aggregation node in the private network of ground;
Whether whether correctly the aggregation node verification converges the data block for receiving, collected according to data number inspection data block
Whole, the data block for lacking requires that data sending terminal is reissued according to numbering;
Transmitting terminal is received after reissuing request, is reissued on the path that data block is circulated in selection successively.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710172305.4A CN106850682B (en) | 2017-03-22 | 2017-03-22 | Data security transmission method in air-space-ground integrated information network |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710172305.4A CN106850682B (en) | 2017-03-22 | 2017-03-22 | Data security transmission method in air-space-ground integrated information network |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106850682A true CN106850682A (en) | 2017-06-13 |
CN106850682B CN106850682B (en) | 2020-05-05 |
Family
ID=59130845
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710172305.4A Active CN106850682B (en) | 2017-03-22 | 2017-03-22 | Data security transmission method in air-space-ground integrated information network |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106850682B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111901241A (en) * | 2020-08-07 | 2020-11-06 | 上海格尔安全科技有限公司 | Routing method for multi-path service equalization based on link state protocol in wireless ad hoc network |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1764146A (en) * | 2004-10-21 | 2006-04-26 | 华为技术有限公司 | Optimization route choosing method |
CN104506230A (en) * | 2014-12-19 | 2015-04-08 | 南京邮电大学 | Multipath parallel and reliable transmission method applicable to satellite network |
US20160006814A1 (en) * | 2014-06-24 | 2016-01-07 | Ewha University-Industry Collaboration Foundation | Method for propagating network management data for energy-efficient iot network management and energy-efficient iot node apparatus |
CN106102093A (en) * | 2016-06-02 | 2016-11-09 | 重庆邮电大学 | A kind of multi-path data bag allocation schedule method in wireless self-organization network |
-
2017
- 2017-03-22 CN CN201710172305.4A patent/CN106850682B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1764146A (en) * | 2004-10-21 | 2006-04-26 | 华为技术有限公司 | Optimization route choosing method |
US20160006814A1 (en) * | 2014-06-24 | 2016-01-07 | Ewha University-Industry Collaboration Foundation | Method for propagating network management data for energy-efficient iot network management and energy-efficient iot node apparatus |
CN104506230A (en) * | 2014-12-19 | 2015-04-08 | 南京邮电大学 | Multipath parallel and reliable transmission method applicable to satellite network |
CN106102093A (en) * | 2016-06-02 | 2016-11-09 | 重庆邮电大学 | A kind of multi-path data bag allocation schedule method in wireless self-organization network |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111901241A (en) * | 2020-08-07 | 2020-11-06 | 上海格尔安全科技有限公司 | Routing method for multi-path service equalization based on link state protocol in wireless ad hoc network |
Also Published As
Publication number | Publication date |
---|---|
CN106850682B (en) | 2020-05-05 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN113422695B (en) | Optimization method for improving robustness of topological structure of Internet of things | |
CN113285923B (en) | Data security transmission method and storage medium based on air-sea cross-domain communication gateway | |
CN109347540B (en) | Method and device for realizing secure routing | |
CN106203164B (en) | Information security big data resource management system based on trust computing and cloud computing | |
Sundaram et al. | Wireless sensor network to connect isolated nodes using link assessment technique | |
CN111723399A (en) | Large-scale social network directed graph privacy protection method based on k-kernel | |
CN112149967A (en) | Power communication network vulnerability assessment method and system based on complex system theory | |
CN104717644A (en) | Two-tiered wireless sensor network range query method capable of verifying privacy protection | |
CN103841553A (en) | Method for routing security and privacy protection of mixed wireless Mesh network | |
CN102035726A (en) | Wormhole attack defense method based on multipath routing and trust mechanism in Ad hoc network | |
CN106850682A (en) | Data safe transmission method in space-air-ground integration information network | |
CN113326947A (en) | Joint learning model training method and system | |
Son et al. | Building robust spanning trees in free space optical networks | |
Wen et al. | Joint trajectory and pick-up design for UAV-assisted item delivery under no-fly zone constraints | |
CN106792959A (en) | Satellite interlayer topology reconstruction method based on discrete subtopology sequence and genetic algorithm | |
Atat et al. | Stochastic geometry model for interdependent cyber-physical communication-power networks | |
CN101969405A (en) | Safe routing method based on credibility in P2P (Peer-to-Peer) environment | |
Asif et al. | Combined Banzhaf & Diversity Index (CBDI) for critical node detection | |
CN102638795A (en) | Trust evaluation method of distributed sensor network capable of resisting attacks | |
Fang et al. | IONSS: Indirect Observation Node Selection Scheme in Trust Management for UAV Network | |
CN117061217A (en) | Electronic medical record data safe transmission method based on set confusion slicing strategy | |
Rajesh et al. | Fuzzy logic based performance optimization with data aggregation in wireless sensor networks | |
CN108234326A (en) | Towards the weak security multicast method of rate allocation based on network code of multimedia data stream | |
Xu et al. | Security Storage Based on Fountain Code and XOR Encryption in Edge Computing | |
CN117221335B (en) | Wireless blockchain network slicing method and device, electronic equipment and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |