CN107395500A - Intelligent network architecture integrating sensing, computing and storage, and implementation method - Google Patents

Publication number
CN107395500A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710743012.7A
Other languages
Chinese (zh)
Other versions
CN107395500B (en)
Inventor
杨坚
姚振
吴枫
谭小彬
郑烇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
University of Science and Technology of China USTC
Original Assignee
University of Science and Technology of China USTC
Application filed by University of Science and Technology of China USTC
Priority to CN201710743012.7A
Publication of CN107395500A
Application granted
Publication of CN107395500B
Legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00 Routing or path finding of packets in data switching networks
    • H04L45/02 Topology update or discovery
    • H04L45/04 Interdomain routing, e.g. hierarchical routing
    • H04L45/20 Hop count for routing purposes, e.g. TTL
    • H04L45/74 Address processing for routing
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/50 Network services
    • H04L67/56 Provisioning of proxy services
    • H04L67/568 Storing data temporarily at an intermediate stage, e.g. caching

Abstract

The invention discloses an intelligent network architecture integrating sensing, computing and storage, and a method for implementing it. The architecture uses a model that combines a content identifier (CID), a device identifier (GUID) and a security identifier (SecID). Content is stored in the network in a distributed manner: content caching strategies are deployed in the LCRS and aggregation strategies are deployed in the routers, so that cooperation between nodes achieves sharing and reuse of resources. A hybrid routing mode based on device identifier and address is used, with the NRS providing a two-level name resolution service, so that the network supports seamless host and network mobility. An active-defense security authentication mechanism is used: the edge router acts as the root of trust and performs access control and identity authentication of users by combining the device identifier and the security identifier, and illegal content is effectively intercepted by additionally using the content identifier. The network architecture can sense the content carried by the network, changes in the network environment and the behavior of network users; it supports seamless host and network mobility and is scalable and evolvable; and it provides network security through active defense.

Description

Intelligent network architecture integrating sensing, computing and storage, and implementation method
Technical field
The present invention relates to the technical field of computer networks, and in particular to an intelligent network architecture integrating sensing, computing and storage.
Background
With the rapid growth of the scale of the Internet and the fast development of new applications, the traditional Internet architecture faces significant challenges in scalability, controllability, mobility and security. Against this background, research into innovative future network architectures has become a focus of worldwide attention.
The traditional Internet is centered on the IP address, has simple transmission as its purpose, and uses the TCP/IP architecture designed according to the end-to-end principle. First, the surge in traffic and the sharp expansion of routing tables have seriously affected the scalability of the traditional IP network. The root of the problem is that the TCP/IP architecture is an IP-address-based point-to-point communication model; this basic characteristic causes all communication traffic to accumulate on the backbone network, and routes to every reachable node (subnet) have to be maintained. Second, the growing popularity of portable mobile terminals and the explosive growth in the number of Internet-of-Things terminals place higher demands on network mobility; the increased mobility of user terminals causes data transmission paths to change frequently, which seriously damages the continuity of upper-layer application services and affects the quality of service for IP network users. Finally, current network applications place higher demands on the protection of user security and privacy, while the security measures of the traditional IP network are essentially passive and unaware of attacks; the basic reason is that the IP-address-based point-to-point communication model can only provide an end-to-end secure channel and cannot provide personalized security services for services and content.
To address these problems, existing solutions mainly add functions at the application layer, for example content delivery networks (CDN) and peer-to-peer networks (P2P), which provide network services on hosts at the network edge. These technologies can improve content distribution efficiency to some extent, but because it is difficult for them to sense network state effectively and they lack a unified content identifier, they suffer from problems such as low routing efficiency and difficulty of implementation. In addition, CDN deployment is expensive and optimizes for the specific data of contracted customers; it cannot serve all network users, and only alleviates the scalability problem by continually increasing hardware investment under the existing architecture. In an Internet architecture centered on IP routing, service resources and the physical network lack a mechanism for mutual awareness, so application-layer solutions such as P2P cannot fundamentally solve the challenges and problems the network faces.
Summary of the invention
The object of the present invention is to provide an intelligent network architecture integrating sensing, computing and storage, and an implementation method, that can sense the content carried by the network, changes in the network environment and the behavior of network users; that supports seamless host and network mobility and is scalable and evolvable; and that provides network security through active defense.
The object of the present invention is achieved through the following technical solutions:
An intelligent network architecture integrating sensing, computing and storage comprises: routers that have sensing, computing and storage capabilities and support intra-domain content aggregation; a two-level name resolution server (NRS) that supports intra-domain and inter-domain mobility; and a local content resolution server (LCRS) that supports intra-domain content caching. Wherein:
The router provides a security authentication service based on the security identifier SecID, a data forwarding service based on the device identifier GUID, and a content service based on the content identifier CID;
When the router receives a packet sent by a user, it first distinguishes the packet type. For a packet of the intelligent network architecture integrating sensing, computing and storage (SCSN), it uses the SecID, GUID and CID in the packet header to verify the legitimacy of the packet content with the LCRS and the authenticity of the user identity with the NRS. It then determines whether the verified packet is a content packet or a request packet. For a content packet: if the packet allows content caching, the routers store it cooperatively under the scheduling of the LCRS; if the packet requires mobility support, the GUID-based forwarding strategy is used, and the dynamic binding of GUID and address is realized during routing. For a request packet: if it is a content request, the router reports the corresponding CID to the LCRS and then performs content aggregation according to the content distribution returned by the LCRS; if it is an access request, the router communicates with the NRS and verifies the user's identity using the corresponding SecID and GUID, thereby realizing access control.
For a content packet, the router first provides differentiated service according to the service identifier bits in the packet header, including:
For a packet that allows content caching, the router reports the CID to the LCRS to obtain the caching strategy, and the routers store the content cooperatively under the scheduling of the LCRS, realizing sharing and reuse of resources;
For a packet with mobility support, the router queries the NRS to obtain the dynamic binding between GUID and network address, then obtains the next-hop router for forwarding from the local forwarding table; if forwarding of the packet fails, the router stores the packet and keeps querying the NRS in order to store and forward it.
The NRS provides a dynamic binding service between GUID and network address. The GUID is globally invariant, whereas the network address of a device changes dynamically as its access point changes; the NRS ensures that packets are still routed correctly to a device whose access location keeps migrating;
The NRS uses a hierarchical structure comprising a level-1 NRS and a level-2 NRS; the level-1 NRS is used for intra-domain routing and the level-2 NRS for inter-domain routing. The level-1 NRS updates and maintains the mapping from GUID to network address according to the device information reported by routers, then works out which devices have moved between domains and reports them to the level-2 NRS. Movement of a device within a domain is transparent to the level-2 NRS, which only maintains the mapping from device identifier to gateway router address (GA) and is responsible for routing packets to the domain in which the destination device is located;
The level-1 NRS classifies routing queries and user access control information and passes them to the corresponding name resolution service module and user management module respectively. The user management module of the level-1 NRS handles user access control and identity authentication, and sends information about users added to and removed from the domain to the level-2 NRS. The level-2 NRS receives information from the level-1 NRS and from gateway routers; a classifier passes it to the user management module and the name resolution service module, which perform update and query operations on the level-2 NRS's local information respectively. Finally, the confirmation is sent back to the level-1 NRS and the query result is sent back to the gateway router.
The LCRS manages the content stored in the network within the domain. The LCRS updates and maintains the content-to-storage-address mapping table (CAMT) according to the content caching information reported by routers and, based on the CAMT, the storage strategy module and the content resolution module, controls the routers' storage of content and assists in completing content aggregation. The LCRS also builds a content filter table (CFT) according to a given content filtering scheme, which is used to check the legitimacy of content;
The LCRS comprises: a classifier, a storage strategy module, a content resolution module, and a memory for storing the CAMT and the CFT. The classifier divides the information received into content requests and content storage; content requests are handed to the content resolution module for further processing, and content storage is handed to the storage strategy module for further processing;
Both the content resolution module and the storage strategy module query the CFT, through the content resolution module, to check whether the content is legal. If the content is legal, the CAMT is then queried to obtain the distribution of the corresponding content. The content resolution module sends the content distribution it has found to the router that requested the content, and that router carries out the subsequent processing. The storage strategy module decides, according to the storage strategy, whether the content needs to be stored, updates the CAMT, and sends the relevant instruction to the router. If the content is illegal, service is refused.
The logical layers of the architecture are, from top to bottom, the application layer, the transport layer, the network layer and the link layer; the router, the NRS and the LCRS are all located in the network layer;
The network layer comprises a data plane and a control plane;
The functions of the data plane are as follows. Content sensing: the router senses and classifies packets according to packet type and provides differentiated service. Content storage: the router reports the CID and packet type information contained in the packet to the LCRS, and the LCRS plans centrally for the content to be stored in one or more routers. Content aggregation: after the first-hop router receives a user's content request message, it reports the CID of the requested content to the LCRS; the LCRS looks up the CID in the CAMT and returns the distribution information of the stored content; after receiving the distribution information, the first-hop router decides, according to the router's content aggregation strategy, from which router or routers the content will be aggregated. Routing and forwarding: routers in the same domain forward packets according to GUID; between domains, the level-2 NRS routes according to the binding information between GUID and address; the packet format also includes an IP header. Security verification: after a user is admitted, the user's SecID is set to a field bound to the GUID and sent to the edge router, serving as user-level identity authentication; packets generated by the user are filtered by querying the CFT with the CID, serving as content-level security verification;
The control plane manages and controls network configuration and policy, including the following. Content resolution service: the LCRS queries the CAMT to obtain the mapping between content and network address. Name resolution service: the level-1 NRS provides resolution of GUID to network address within a domain, and the level-2 NRS provides resolution of GUID to network address between domains. Routing and forwarding service: for intra-domain routing, the router transmits packets according to the destination network address resolved by the level-1 NRS; for inter-domain routing, the gateway router obtains the destination gateway address by querying the level-2 NRS, and the packet is then transmitted over the backbone network. Access control service: when a user applies for access, the access router reports the user's GUID to the level-1 NRS; the level-1 NRS decides, from the blacklist and user permission data provided by the operator, whether to admit the user, sets the user's permissions, and records security audit and accounting information.
A method for implementing the intelligent network architecture integrating sensing, computing and storage comprises: providing routers that have sensing, computing and storage capabilities and support intra-domain content aggregation; providing a two-level name resolution server (NRS) that supports intra-domain and inter-domain mobility; and providing a local content resolution server (LCRS) that supports intra-domain content caching. Wherein:
The routers so provided offer a security authentication service based on the security identifier SecID, a data forwarding service based on the device identifier GUID, and a content service based on the content identifier CID;
When the router receives a packet sent by a user, it first distinguishes the packet type. For a packet of the intelligent network architecture integrating sensing, computing and storage (SCSN), it uses the SecID, GUID and CID in the packet header to verify the legitimacy of the packet content with the LCRS and the authenticity of the user identity with the NRS. It then determines whether the verified packet is a content packet or a request packet. For a content packet: if the packet allows content caching, the routers store it cooperatively under the scheduling of the LCRS; if the packet requires mobility support, the GUID-based forwarding strategy is used, and the dynamic binding of GUID and address is realized during routing. For a request packet: if it is a content request, the router reports the corresponding CID to the LCRS and then performs content aggregation according to the content distribution returned by the LCRS; if it is an access request, the router communicates with the NRS and verifies the user's identity using the corresponding SecID and GUID, thereby realizing access control.
For a content packet, the router first provides differentiated service according to the service identifier bits in the packet header, including:
For a packet that allows content caching, the router reports the CID to the LCRS to obtain the caching strategy, and the routers store the content cooperatively under the scheduling of the LCRS, realizing sharing and reuse of resources;
For a packet with mobility support, the router queries the NRS to obtain the dynamic binding between GUID and network address, then obtains the next-hop router for forwarding from the local forwarding table; if forwarding of the packet fails, the router stores the packet and keeps querying the NRS in order to store and forward it.
The NRS provides a dynamic binding service between GUID and network address. The GUID is globally invariant, whereas the network address of a device changes dynamically as its access point changes; the NRS ensures that packets are still routed correctly to a device whose access location keeps migrating;
The NRS uses a hierarchical structure comprising a level-1 NRS and a level-2 NRS; the level-1 NRS is used for intra-domain routing and the level-2 NRS for inter-domain routing. The level-1 NRS updates and maintains the mapping from GUID to network address according to the device information reported by routers, then works out which devices have moved between domains and reports them to the level-2 NRS. Movement of a device within a domain is transparent to the level-2 NRS, which only maintains the mapping from device identifier to gateway router address (GA) and is responsible for routing packets to the domain in which the destination device is located;
The level-1 NRS classifies routing queries and user access control information and passes them to the corresponding name resolution service module and user management module respectively. The user management module of the level-1 NRS handles user access control and identity authentication, and sends information about users added to and removed from the domain to the level-2 NRS. The level-2 NRS receives information from the level-1 NRS and from gateway routers; a classifier passes it to the user management module and the name resolution service module, which perform update and query operations on the level-2 NRS's local information respectively. Finally, the confirmation is sent back to the level-1 NRS and the query result is sent back to the gateway router.
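The two-level resolution described above can be exercised with a small model. This is an added example, not code from the patent: the class and method names, the address strings and the way a detach is reported are assumptions made for illustration.

```python
"""Two-level NRS model (added sketch; all names and addresses are constructed)."""
from dataclasses import dataclass, field


@dataclass
class Level2NRS:
    """Inter-domain resolver: keeps only GUID -> gateway router address (GA)."""
    guid_to_ga: dict = field(default_factory=dict)
    updates: int = 0  # number of add/remove reports that changed level-2 state

    def user_added(self, guid, ga):
        self.guid_to_ga[guid] = ga
        self.updates += 1
        return "ack"  # confirmation returned to the reporting level-1 NRS

    def user_removed(self, guid, ga):
        # Delete only if the mapping still points at the reporting domain, so a
        # late removal from the old domain cannot erase the new domain's entry.
        if self.guid_to_ga.get(guid) == ga:
            del self.guid_to_ga[guid]
            self.updates += 1
        return "ack"

    def resolve(self, guid):
        return self.guid_to_ga.get(guid)


@dataclass
class Level1NRS:
    """Intra-domain resolver: keeps GUID -> current network address."""
    domain: str
    gateway: str
    level2: Level2NRS
    guid_to_na: dict = field(default_factory=dict)

    def router_report(self, guid, network_address):
        """An access router reports that `guid` is attached at `network_address`."""
        new_to_domain = guid not in self.guid_to_na
        self.guid_to_na[guid] = network_address
        if new_to_domain:  # only inter-domain moves are pushed up to level 2
            self.level2.user_added(guid, self.gateway)

    def router_detach(self, guid):
        """Assumed trigger: a router reports that `guid` has left this domain."""
        if self.guid_to_na.pop(guid, None) is not None:
            self.level2.user_removed(guid, self.gateway)

    def resolve(self, guid):
        """Return ('intra', network address), ('inter', GA) or None."""
        if guid in self.guid_to_na:
            return ("intra", self.guid_to_na[guid])
        ga = self.level2.resolve(guid)
        return ("inter", ga) if ga else None


def demo():
    l2 = Level2NRS()
    dom_a = Level1NRS("A", "GA-A", l2)
    dom_b = Level1NRS("B", "GA-B", l2)
    guid = "guid-0001"

    dom_a.router_report(guid, "A/r1/port3")      # first attachment in domain A
    before = l2.updates
    dom_a.router_report(guid, "A/r2/port7")      # intra-domain move
    intra_move_hidden = l2.updates == before     # level 2 saw nothing

    dom_b.router_report(guid, "B/r5/port1")      # inter-domain move to B
    dom_a.router_detach(guid)                    # A notices the departure afterwards
    return intra_move_hidden, dom_a.resolve(guid), dom_b.resolve(guid), l2.resolve(guid)


if __name__ == "__main__":
    print(demo())
```

The guarded delete in `user_removed` matters for correctness: without it, the out-of-order removal from domain A would leave the device unreachable between domains.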
The LCRS manages the content stored in the network within the domain. The LCRS updates and maintains the content-to-storage-address mapping table (CAMT) according to the content caching information reported by routers and, based on the CAMT, the storage strategy module and the content resolution module, controls the routers' storage of content and assists in completing content aggregation. The LCRS also builds a content filter table (CFT) according to a given content filtering scheme, which is used to check the legitimacy of content;
The LCRS comprises: a classifier, a storage strategy module, a content resolution module, and a memory for storing the CAMT and the CFT. The classifier divides the information received into content requests and content storage; content requests are handed to the content resolution module for further processing, and content storage is handed to the storage strategy module for further processing;
Both the content resolution module and the storage strategy module query the CFT, through the content resolution module, to check whether the content is legal. If the content is legal, the CAMT is then queried to obtain the distribution of the corresponding content. The content resolution module sends the content distribution it has found to the router that requested the content, and that router carries out the subsequent processing. The storage strategy module decides, according to the storage strategy, whether the content needs to be stored, updates the CAMT, and sends the relevant instruction to the router. If the content is illegal, service is refused.
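The LCRS message flow described above (classifier, CFT check, then CAMT lookup or storage decision) is modelled below. This is an added example, not code from the patent: modelling a CID as a SHA-256 digest, the replica limit and the least-loaded placement rule are assumptions, since the text leaves the filtering scheme and the storage strategy open.

```python
"""LCRS message handling (added sketch): classifier -> CFT check -> CAMT or storage policy."""
import hashlib

MAX_REPLICAS = 2  # assumed storage strategy: at most two in-domain copies per CID


def cid_of(content: bytes) -> str:
    # Assumption: a CID is modelled as the SHA-256 digest of the content bytes.
    return hashlib.sha256(content).hexdigest()


class LCRS:
    def __init__(self, routers, blocked_cids):
        self.cft = set(blocked_cids)         # content filter table: CIDs refused service
        self.camt = {}                       # CID -> set of routers storing the content
        self.load = {r: 0 for r in routers}  # number of objects cached on each router

    def handle(self, msg):
        """Classifier: route a router's report to resolution or to the storage strategy."""
        kind, cid, router = msg.get("kind"), msg.get("cid"), msg.get("router")
        if kind not in ("request", "store") or cid is None:
            return {"action": "refuse", "reason": "malformed"}  # fail closed
        if cid in self.cft:                  # both paths consult the CFT first
            return {"action": "refuse", "reason": "cft"}
        if kind == "request":
            return self._resolve(cid, router)
        return self._store(cid)

    def _resolve(self, cid, router):
        """Content resolution: return where the content is stored in the domain."""
        holders = sorted(self.camt.get(cid, ()))
        return {"action": "distribution", "to": router, "holders": holders}

    def _store(self, cid):
        """Storage strategy: decide whether and where to cache, then update the CAMT."""
        holders = self.camt.get(cid, set())
        free = [r for r in self.load if r not in holders]
        if len(holders) >= MAX_REPLICAS or not free:
            return {"action": "no_store"}
        target = min(free, key=lambda r: (self.load[r], r))  # least loaded, then by name
        self.camt.setdefault(cid, set()).add(target)
        self.load[target] += 1
        return {"action": "store", "at": target}             # instruction for the router


def demo():
    bad = cid_of(b"constructed blocked object")
    good = cid_of(b"constructed video segment 17")
    lcrs = LCRS(["r1", "r2", "r3"], blocked_cids=[bad])
    results = [
        lcrs.handle({"kind": "store", "cid": good, "router": "r1"}),
        lcrs.handle({"kind": "store", "cid": good, "router": "r3"}),
        lcrs.handle({"kind": "store", "cid": good, "router": "r2"}),
        lcrs.handle({"kind": "request", "cid": good, "router": "r3"}),
        lcrs.handle({"kind": "store", "cid": bad, "router": "r1"}),
        lcrs.handle({"kind": "request", "cid": bad, "router": "r2"}),
    ]
    return results, bad in lcrs.camt


if __name__ == "__main__":
    for line in demo()[0]:
        print(line)
```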
The logical layers of the intelligent network architecture integrating sensing, computing and storage are, from top to bottom, the application layer, the transport layer, the network layer and the link layer; the router, the NRS and the LCRS are all located in the network layer;
The network layer comprises a data plane and a control plane;
The functions of the data plane are as follows. Content sensing: the router senses and classifies packets according to packet type and provides differentiated service. Content storage: the router reports the CID and packet type information contained in the packet to the LCRS, and the LCRS plans centrally for the content to be stored in one or more routers. Content aggregation: after the first-hop router receives a user's content request message, it reports the CID of the requested content to the LCRS; the LCRS looks up the CID in the CAMT and returns the distribution information of the stored content; after receiving the distribution information, the first-hop router decides, according to the router's content aggregation strategy, from which router or routers the content will be aggregated. Routing and forwarding: routers in the same domain forward packets according to GUID; between domains, the level-2 NRS routes according to the binding information between GUID and address; the packet format also includes an IP header. Security verification: after a user is admitted, the user's SecID is set to a field bound to the GUID and sent to the edge router, serving as user-level identity authentication; packets generated by the user are filtered by querying the CFT with the CID, serving as content-level security verification;
The control plane manages and controls network configuration and policy, including the following. Content resolution service: the LCRS queries the CAMT to obtain the mapping between content and network address. Name resolution service: the level-1 NRS provides resolution of GUID to network address within a domain, and the level-2 NRS provides resolution of GUID to network address between domains. Routing and forwarding service: for intra-domain routing, the router transmits packets according to the destination network address resolved by the level-1 NRS; for inter-domain routing, the gateway router obtains the destination gateway address by querying the level-2 NRS, and the packet is then transmitted over the backbone network. Access control service: when a user applies for access, the access router reports the user's GUID to the level-1 NRS; the level-1 NRS decides, from the blacklist and user permission data provided by the operator, whether to admit the user, sets the user's permissions, and records security audit and accounting information.
As can be seen from the technical solution provided above, the architecture uses a model that combines a content identifier (CID), a device identifier (GUID) and a security identifier (SecID). Content is stored in the network in a distributed manner: content caching strategies are deployed in the LCRS and aggregation strategies are deployed in the routers, so that cooperation between nodes achieves sharing and reuse of resources. A hybrid routing mode based on device identifier and address is used, with the NRS providing a two-level name resolution service, so that the network supports seamless host and network mobility. An active-defense security authentication mechanism is used: the edge router acts as the root of trust and performs access control and identity authentication of users by combining the device identifier and the security identifier, and illegal content is effectively intercepted by additionally using the content identifier.
Brief description of the drawings
To explain the technical solutions of the embodiments of the present invention more clearly, the drawings needed in the description of the embodiments are briefly introduced below. Obviously, the drawings described below show only some embodiments of the present invention; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a schematic diagram of an intelligent network architecture integrating sensing, computing and storage provided by an embodiment of the present invention;
Fig. 2 is a flow chart of the data forwarding service of the router provided by an embodiment of the present invention;
Fig. 3 is a message processing flow chart of the NRS provided by an embodiment of the present invention;
Fig. 4 is a message processing flow chart of the LCRS provided by an embodiment of the present invention;
Fig. 5 is a schematic diagram of the logical architecture of the SCSN network provided by an embodiment of the present invention;
Fig. 6 is a schematic diagram of the content aggregation process provided by an embodiment of the present invention;
Fig. 7 is a schematic diagram of the content storage process provided by an embodiment of the present invention;
Fig. 8 is a schematic diagram of the routing process provided by an embodiment of the present invention;
Fig. 9 is a schematic diagram of the information exchange between routers and the NRS in inter-domain and intra-domain mobility scenarios provided by an embodiment of the present invention;
Fig. 10 is a schematic diagram of the security verification process provided by an embodiment of the present invention.
Detailed description of the embodiments
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings. Obviously, the described embodiments are only some, not all, of the embodiments of the present invention. All other embodiments obtained by a person of ordinary skill in the art on the basis of these embodiments without creative effort fall within the scope of protection of the present invention.
Fig. 1 is that a kind of perceive provided in an embodiment of the present invention calculates the integrated intelligent network architecture schematic diagram of storage, such as Shown in Fig. 1, it is a kind of edge network framework to perceive and calculate the integrated intelligent network architecture (SCSN) of storage.Due to key host It is used for inter-domain routing, perceives, calculates, store function if being realized in backbone network, being introduced into very big time delay and complexity, instead And the efficiency of network can be reduced.Using the physical structure of edge network, can farthest reduce to conventional network equipment Renewal, reduce the cost of deployment SCSN networks.The highly scalable of this edge network framework causes enterprise, government, school Can according to their needs etc. unit, personalized customization and deployment SCSN networks.Because SCSN networks have good compatibility, Its backbone network can continue to use IP network framework.
SCSN nucleus equipment includes:Storage capacity and router content-aggregated in support region, branch are calculated with perceiving Hold in domain the ambulant two-stage name resolution server (NRS) between domain, and in support region content caching local area content solution Analyse server (LCRS).The network architecture is by two-stage name resolution server, with reference to the mixing based on device identification and address Routing mechanism, the route forwarding function between domain in domain is realized, support seamless main frame and network mobility;Pass through local area content Management server carries out content caching and content-aggregated tactful deployment so that realizes that collaboration storage and resource are answered between router With, raising content distribution efficiency, reduction network redundancy flow;Initiative Defense is carried out by secure authentication mechanisms, with reference to identity mark Knowledge and secure ID, authentication, combined content mark and identity are carried out to user as root of trust by edge router Illegal content is effectively intercepted, and the user of issue illegal contents can be followed the trail of, it is handled.
The routers of an SCSN network provide a security authentication service based on SecID, a data forwarding service based on GUID, and a content service based on CID. When a user accesses the network, the router authenticates the user's identity with the NRS to implement access control; when a user sends data, the router uses the SecID, GUID and CID in the packet header to verify the legitimacy of the user identity and of the transmitted content, and actively inspects, handles and evades attacks. This dual security verification of content and user identity effectively realizes active defense of the network. The router can perceive the content being transmitted and store it according to the deployed caching policy; routers store content cooperatively under LCRS scheduling, so that resources are shared and reused. Through the GUID-based forwarding policy, device identifiers are dynamically bound to addresses during routing, which effectively supports mobility of devices and networks, so that the application layer can keep its connection uninterrupted in mobile scenarios. Through a hop-by-hop transmission mechanism, the router both guarantees reliable end-to-end data transmission and reduces the delay introduced by retransmission. In addition, the router can provide flexible differentiated services according to service type. Data that should not be cached in practice, such as paid or private content, can be assigned a no-cache transmission mode through the service type, ensuring that the network does not copy and propagate it arbitrarily and thereby effectively protecting copyright and user privacy. For delay-sensitive data, the service type can likewise specify simple address-based forwarding; the network then no longer supports mobility or guarantees reliable transmission for that data, but transmission delay is effectively reduced, which suits real-time scenarios. This differentiated service lets service providers customize the network service mode, improving the flexibility of the network, and lets developers add network functions easily, improving its extensibility. Beyond these features, SCSN routers can also provide abundant distributed computing resources and support ubiquitous computing functions such as content computing, network computing and service computing.
The SCSN provided by the embodiments of the present invention can perceive the content transmitted over the network, changes in the network environment, and the behavior of network users; it supports seamless host and network mobility and is extensible and evolvable; and it provides active defense, giving the network security.
For ease of understanding, the router, the NRS and the LCRS are each described below.
I. Router.
Fig. 2 shows the flow chart of the router's data forwarding service. In the embodiments of the present invention, the router supports an IP-compatible data forwarding service: when a router receives a packet, it first distinguishes the packet type, provides the traditional IP forwarding service for IP packets, and performs the SCSN processing flow for SCSN packets.
For an SCSN packet, the router uses the SecID, GUID and CID in the packet header to verify the legitimacy of the packet content with the LCRS and the authenticity of the user identity with the NRS. It then determines whether a verified packet is a content packet or a request packet and processes each kind separately. When the router receives a content packet, it provides differentiated service according to the service flag bits in the packet header. 1) For packets that allow content caching, routers store content cooperatively under LCRS scheduling; specifically, the router reports the CID to the LCRS to obtain the caching policy, and routers then store content cooperatively under LCRS scheduling, so that resources are shared and reused. 2) For packets with mobility support, the GUID-based forwarding policy dynamically binds the GUID to an address during routing; specifically, the router queries the NRS to obtain the dynamic binding between the GUID and the network address, then obtains the next-hop router from the local forwarding table; if forwarding fails, the router stores the packet and keeps querying the NRS to perform store-and-forward.
When the router receives a request packet, it distinguishes content requests from access requests. For a content request packet, the router first queries the LCRS for the storage location of the content within the domain. If the requested content is available in the domain, the router notifies the other relevant routers to aggregate the content according to the aggregation policy, and then answers the terminal's content request directly and locally; otherwise, it forwards the content request to the next-hop router based on the GUID, until the request packet reaches a domain that stores the content or reaches the content provider. For an access request packet, the router communicates with the NRS and verifies the user's identity using the corresponding SecID and GUID, thereby implementing access control.
II. NRS.
In the embodiments of the present invention, the NRS provides a dynamic binding service between GUIDs and network addresses. The GUID is globally invariant, while a device's network address changes dynamically with its access point; the NRS ensures that packets are routed correctly to the device even as its point of attachment keeps migrating.
The NRS is hierarchical and comprises a level-1 NRS and a level-2 NRS; the level-1 NRS is used for intra-domain routing and the level-2 NRS for inter-domain routing. The level-1 NRS updates and maintains the GUID-to-network-address mapping according to the device information reported by routers, then works out which devices have moved between domains and reports them to the level-2 NRS. Movement within a domain is transparent to the level-2 NRS, which maintains only the mapping from device identifier to gateway router address (GA) and is responsible for routing packets to the domain where the destination device resides. This hierarchical NRS structure effectively combines autonomy within a domain with unified routing between domains, improving the scalability of the network. A level-1 NRS can deploy a customized access control service that provides identity authentication and data security verification: for a device newly joining the network, the router sends a verification request to the level-1 NRS to obtain the legitimacy of the device's identity and its access rights, thereby implementing access control.
Fig. 3 shows the NRS message processing flow. The level-1 NRS classifies incoming messages into routing queries and user access control information and passes them to the corresponding name resolution service or user management module. The level-1 NRS user management module handles user access control and identity authentication, and sends information about users added to or removed from the domain to the level-2 NRS. The level-2 NRS receives information from level-1 NRSs and gateway routers; a classifier passes it to the user management module or the name resolution service module, which respectively update and query the level-2 NRS's local information. Finally, confirmations are sent back to the level-1 NRS and query results are sent back to the gateway router.
III. LCRS.
The LCRS manages the content stored within a domain of the network. The LCRS updates and maintains the content-to-storage-address mapping table (CAMT) according to the content caching information reported by routers and, based on the CAMT, the storage policy module and the content resolution module, controls routers' content storage and assists in completing content aggregation. The LCRS also builds a content filtering table (CFT) according to a given content filtering scheme, which is used to check the legitimacy of content.
Fig. 4 shows the LCRS message processing flow. The LCRS comprises a classifier, a storage policy module, a content resolution module, and a memory holding the CAMT and the CFT. The classifier divides received messages into content requests and content storage; content requests are handed to the content resolution module and content storage messages to the storage policy module for further processing.
Both the content resolution module and the storage policy module query the CFT to check whether the content is legal. If the content is legal, they go on to query the CAMT for the distribution of that content: the content resolution module sends the distribution it found to the router that requested the content, which carries out the subsequent processing; the storage policy module decides according to the storage policy whether the content needs to be stored, updates the CAMT, and sends the corresponding instruction to the router. If the content is illegal, service is refused. For service types with different requirements, the storage policy module can be separated from the LCRS and integrated into a service management server to improve scalability and service efficiency.
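The LCRS message flow described above (classifier, CFT check, then CAMT lookup or storage decision) can be modeled as follows. This is an added illustration, not code from the patent; the message field names, the action strings and the replica-limit storage policy are assumptions.

```python
from dataclasses import dataclass, field


@dataclass
class LCRS:
    """Constructed model of one domain's LCRS; names and policy are assumptions."""
    cft: set = field(default_factory=set)      # content filtering table: CIDs judged illegal
    camt: dict = field(default_factory=dict)   # CID -> set of routers storing the content
    max_replicas: int = 2                      # assumed storage policy: copies kept per domain

    def handle(self, msg: dict) -> dict:
        """Classifier: hand a message to content resolution or to the storage policy."""
        handlers = {"content_request": self._resolve, "content_store": self._store}
        handler = handlers.get(msg.get("type"))
        if handler is None:
            return {"action": "drop", "reason": "unknown message type"}
        return handler(msg)

    def _is_legal(self, cid: str) -> bool:
        # Both modules consult the CFT before they touch the CAMT.
        return cid not in self.cft

    def _resolve(self, msg: dict) -> dict:
        cid, router = msg["cid"], msg["router"]
        if not self._is_legal(cid):
            return {"action": "refuse", "router": router, "reason": "CID in CFT"}
        holders = sorted(self.camt.get(cid, ()))
        if not holders:
            # Not stored in this domain: the router forwards the request onward.
            return {"action": "forward_request", "router": router}
        return {"action": "aggregate", "router": router, "holders": holders}

    def _store(self, msg: dict) -> dict:
        cid, router = msg["cid"], msg["router"]
        if not self._is_legal(cid):
            return {"action": "refuse", "router": router, "reason": "CID in CFT"}
        if not msg.get("cacheable", True):
            # The service type marks paid or private content as not to be cached.
            return {"action": "delete_cache", "router": router,
                    "reason": "no-cache service type"}
        holders = self.camt.get(cid, set())
        if router in holders:
            return {"action": "keep", "router": router}
        if len(holders) >= self.max_replicas:
            return {"action": "delete_cache", "router": router, "reason": "replica limit"}
        self.camt[cid] = holders | {router}
        return {"action": "store", "router": router}


def demo():
    """Run constructed messages through a constructed CFT and CAMT."""
    lcrs = LCRS(cft={"CID-bad"}, camt={"CID1": {"R2", "R3"}})
    return [
        lcrs.handle({"type": "content_request", "cid": "CID1", "router": "R1"}),
        lcrs.handle({"type": "content_request", "cid": "CID-bad", "router": "R4"}),
        lcrs.handle({"type": "content_store", "cid": "CID2", "router": "R1"}),
        lcrs.handle({"type": "content_store", "cid": "CID1", "router": "R1"}),
        lcrs.handle({"type": "content_store", "cid": "CID3", "router": "R1",
                     "cacheable": False}),
    ]


if __name__ == "__main__":
    for result in demo():
        print(result)
```

Because the CFT check sits in front of both branches, a filtered CID can neither be located through the CAMT nor added to it.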
In addition, the logical architecture of the SCSN network provided by the embodiments of the present invention is shown in Fig. 5. Its logical layers, from top to bottom, are the application layer, the transport layer, the network layer and the link layer. The application layer runs applications that meet user needs; the transport layer uses a reliable transport-layer protocol oriented to user application processes; the link layer uses existing network link-layer technology.
The core SCSN devices described in the embodiments of the present invention, namely the router, the NRS and the LCRS, are all located at the network layer. The network layer consists mainly of a data plane and a control plane and provides complete perception, computation and storage services. The main functions of the data plane and the control plane are as follows:
1) The functions of the data plane are as follows. Content perception: the router perceives and classifies packets according to packet type and provides differentiated service. Content storage: the router reports the CID and packet type information contained in a packet to the LCRS, and the LCRS plans centrally whether the content is stored in one router or several. Content aggregation: after the first-hop router receives a user's content request message, it reports the CID of the requested content to the LCRS; the LCRS looks up the CID in the CAMT and returns the distribution information for the stored content; after receiving the distribution information, the first-hop router decides, according to the router's content aggregation policy, from which router or routers to aggregate the content. Routing and forwarding: within a domain, routers forward packets according to the GUID; between domains, routing follows the GUID-to-address binding information held by the level-2 NRS; and because the packet format includes an IP header; Security verification: after a user is granted access, the user's SecID is set as a field bound to the GUID and sent to the edge router, serving as user-level identity verification; for packets generated by the user, the CFT is queried by CID to filter them, serving as content-level security verification.
2) The control plane manages and controls network configuration and policy, including the following. Content resolution service: the LCRS queries the CAMT to obtain the mapping between content and network addresses. Name resolution service: the level-1 NRS provides GUID-to-network-address resolution within a domain, and the level-2 NRS provides GUID-to-network-address resolution between domains. Routing and forwarding service: for intra-domain routing, the router transmits packets to the destination network address resolved by the level-1 NRS; for inter-domain routing, the gateway router obtains the destination gateway address by querying the level-2 NRS and then transmits packets over the backbone network. Access control service: when a user applies for access, the access router reports the user's GUID to the level-1 NRS; the level-1 NRS decides, according to the blacklist and user permission data provided by the operator, whether the user may access the network, sets the user's permissions, and records security audit and ledger information.
The above are the main components of the SCSN provided by the embodiments of the present invention and their functions. The more important functions are described in detail below with some examples.
1. Content aggregation example.
SCSN supports content aggregation. This example assumes that the content involved is legal. As shown in Fig. 6: (1) device C1 attaches to router R1 in the network and sends it request packet P1 requesting content CID1; (2) router R1 learns that P1 is a request packet for CID1 and reports this to the LCRS through its LCRS communication module; (3) after the LCRS receives the request, the content resolution module queries the CAMT to obtain the data distribution of CID1 and sends this information back to R1; (4) if the data corresponding to CID1 is not stored in this subdomain, the content data is requested from the remote server; (5) router R1 requests the content from the relevant routers (routers R2 and R3 in this example) according to the content distribution it received; (6) routers R2 and R3 send the content data to device C1 via router R1.
2. Content storage process.
SCSN supports content storage. As shown in Fig. 7: (1) when packet P1 of CID1 is forwarded through router R1, R1 caches the packet while forwarding it; (2) once R1 has cached the complete CID1 data, R1 asks the LCRS whether to store all of the CID1 data or a fragment of it; (3) the LCRS storage policy module queries the CAMT to learn the distribution of CID1 and decides on storage and update operations according to the storage policy: if storage is needed, it issues a store instruction and updates the CAMT; otherwise it issues an instruction telling R1 to delete its cache of CID1.
3. Routing mechanism.
The routing process for SCSN packets is shown in Fig. 8. Terminal C1 is located in subdomain D1 and terminal C2 in subdomain D2, and the backbone network in between is an IP network. Data transmission from C1 to C2 proceeds in the following steps. (1) C1 constructs a packet with C2's device identifier (202) as the destination GUID and sends it to the first-hop router R12. (2) R12 queries NRS1-Lv1 (the level-1 NRS) for the network address (NA) where 202 resides. NRS1-Lv1 has no address binding for 202, so it returns the device identifier of the gateway router (111) as the relay NA for the destination terminal. (3) The packet reaches the gateway router, which queries NRS1-Lv1 for the NA where 202 resides. (4) Having no local address binding, NRS1-Lv1 forwards the gateway router's query to NRS-Lv2 (the level-2 NRS). NRS-Lv2 returns the device identifier (221) and IP address (xxx.xxx.xxx.221) of D2's gateway router R12. (5) R11 writes 221 into the SCSN packet header as the destination NA, constructs a compatible IP header with xxx.xxx.xxx.221 as the destination IP, and sends the packet to the backbone network. The packet reaches R21 over the IP backbone. (6) R21 parses the SCSN packet and queries the local domain's level-1 NRS for the network address of 202, obtaining 224. (7) R21 sends the packet to 224, and 224 delivers the packet to destination host 202.
4. Mobility support.
SCSN supports device movement both within a domain and between domains. This example describes the information exchange between routers and the NRS for inter-domain and intra-domain movement respectively, as shown in Fig. 9.
Inter-domain routing: (1) device C2 moves from router R33 in domain D3 to R24 in domain D2. (2) R33 reports C2's departure to NRS3-Lv1 (the level-1 NRS). (3) R24 reports C2's attachment to NRS2-Lv1. (4) NRS2-Lv1 determines that C2's move is an inter-domain move and reports it to NRS-Lv2 (the level-2 NRS). (5) Because C2 has moved, data that has already arrived at R33 is handled by store-and-forward: R33 queries NRS3-Lv1 and sends the packets to gateway router R31; R31 obtains C2's network address through the two-level NRS and forwards the packets to R21; R21 queries NRS2-Lv1 and forwards the packets to R24. (6) Data newly sent by C1 is forwarded to R24 along the new route.
Intra-domain routing: (7) device C2 moves from R24 to R22 within domain D2. (8) R22 reports C2's attachment to NRS2-Lv1. Packets transmitted between domains still reach D2's gateway router by querying the two-level NRS; packets transmitted within the domain are routed to R22 by querying the level-1 NRS.
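The two-level resolution used in the routing walk-through and its behavior under mobility can be sketched as below. This is an added example, not the patent's implementation; the class and method names are hypothetical, identifiers 202, 111, 221 and 224 come from the routing example, and the other identifiers (201, 112, 331, 332, 333) are constructed.

```python
class Level2NRS:
    """Inter-domain resolver: GUID -> gateway address (GA) of the device's current domain."""

    def __init__(self):
        self.ga_of = {}
        self.updates = 0                   # number of reports received from level-1 servers

    def report(self, guid, ga):
        self.ga_of[guid] = ga
        self.updates += 1

    def resolve(self, guid):
        return self.ga_of.get(guid)


class Level1NRS:
    """Intra-domain resolver: GUID -> network address (NA) of the access router."""

    def __init__(self, gateway, level2):
        self.gateway = gateway
        self.level2 = level2
        self.na_of = {}

    def attach(self, guid, na):
        """An access router reports that `guid` attached at `na`."""
        entered_domain = guid not in self.na_of
        self.na_of[guid] = na
        if entered_domain:
            # Only a move between domains is made visible to level 2.
            self.level2.report(guid, self.gateway)
        return entered_domain

    def detach(self, guid):
        """An access router reports that `guid` left this domain."""
        self.na_of.pop(guid, None)

    def resolve(self, guid, from_gateway=False):
        if guid in self.na_of:
            return self.na_of[guid]
        if not from_gateway:
            return self.gateway            # relay NA: hand the packet to our own gateway
        return self.level2.resolve(guid)   # a gateway query is forwarded to level 2


def route(src, domains, guid):
    """Return the addresses a packet for `guid` is sent to, starting in domain `src`."""
    hops = [src.resolve(guid)]
    if guid in src.na_of:
        return hops                        # destination is in the local domain
    remote_ga = src.resolve(guid, from_gateway=True)
    if remote_ga is None or remote_ga == src.gateway or remote_ga not in domains:
        return hops + [None]               # unresolved: gateway stores the packet, re-queries
    hops.append(remote_ga)
    hops.append(domains[remote_ga].na_of.get(guid))
    return hops


def demo():
    lv2 = Level2NRS()
    d1, d2, d3 = (Level1NRS(ga, lv2) for ga in ("111", "221", "331"))
    domains = {nrs.gateway: nrs for nrs in (d1, d2, d3)}
    d1.attach("201", "112")                # sender, constructed identifiers
    d2.attach("202", "224")                # destination from the routing example
    out = {"static": route(d1, domains, "202"), "level2_updates": [lv2.updates]}

    d2.detach("202")                       # inter-domain move: D2 -> D3
    d3.attach("202", "333")
    out["after_inter_domain"] = route(d1, domains, "202")
    out["level2_updates"].append(lv2.updates)

    d3.attach("202", "332")                # intra-domain move inside D3
    out["after_intra_domain"] = route(d1, domains, "202")
    out["level2_updates"].append(lv2.updates)
    return out


if __name__ == "__main__":
    print(demo())
```

The update counter shows the property the text relies on: the inter-domain move produces one level-2 report, while the intra-domain move produces none.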
5. Security verification.
The SCSN architecture can refuse access to malicious users, supports active identity authentication, and can effectively prevent users from requesting and publishing illegal content. Fig. 10 illustrates the process by which the system performs security verification.
User A requests access to the SCSN network. The system refuses access to malicious users and completes identity authentication as follows: (1) user A connects to edge router R2, sets a security password of its own choosing (the SecID field) corresponding to its GUID, and requests access to the SCSN network; (2) R2 reports the GUID and SecID provided by user A to the NRS; the NRS looks up the GUID in the user blacklist and, if user A is listed, directly refuses user A access to the SCSN network; otherwise the user management module maintains user A's (GUID, SecID) pair and notifies R2 to record the correspondence; (3) after user A has passed access authentication, R2's security verification module completes identity verification by checking the SecID field in the header of each packet user A sends against its GUID.
User B publishes illegal content to the system, and user C requests illegal content. The system's content security verification proceeds as follows: (4) user B publishes content; (5) edge router R1 extracts the CID of the content packet sent by user B and sends it to the LCRS through its LCRS communication module; (6) the LCRS, through the content resolution module's query of the content filtering table (CFT), finds that the CID corresponds to illegal content, and notifies the edge router to discard the content and issue a warning to user B; (7) user C sends a content request; (8) edge router R4 extracts the CID of the request packet sent by user C and sends it to the LCRS; (9) the LCRS finds that the CID corresponds to illegal content and notifies the edge router to refuse the request and issue a warning to user C.
If a user continuously publishes a variety of illegal content or repeatedly requests illegal content, the system can place the user on the blacklist and refuse to provide network access service to that user for a certain period of time.
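The dual verification above (user level by GUID/SecID binding, content level by CFT) together with the temporary blacklisting of repeat offenders can be expressed as follows. This is an added example rather than the patent's code; the class names, verdict strings, the three-strike limit and the one-hour ban are assumptions, since the text only says "repeatedly" and "a certain period of time".

```python
import hmac


class Level1NRSUserManagement:
    """Constructed model of the level-1 NRS user management module."""

    def __init__(self, operator_blacklist=(), strike_limit=3, ban_seconds=3600):
        self.operator_blacklist = set(operator_blacklist)
        self.strike_limit = strike_limit       # assumed threshold
        self.ban_seconds = ban_seconds         # assumed ban duration
        self.bindings = {}                     # GUID -> SecID recorded at admission
        self.strikes = {}                      # GUID -> content violations so far
        self.banned_until = {}                 # GUID -> time at which the ban ends

    def is_blocked(self, guid, now):
        return guid in self.operator_blacklist or self.banned_until.get(guid, 0) > now

    def admit(self, guid, secid, now):
        """Access request: refuse blacklisted users, otherwise bind SecID to GUID."""
        if self.is_blocked(guid, now):
            return False
        self.bindings[guid] = secid
        return True

    def record_violation(self, guid, now):
        """Count one illegal publish or request; return True if the user is now banned."""
        self.strikes[guid] = self.strikes.get(guid, 0) + 1
        if self.strikes[guid] < self.strike_limit:
            return False
        self.banned_until[guid] = now + self.ban_seconds
        self.bindings.pop(guid, None)          # the user must be admitted again later
        self.strikes[guid] = 0
        return True


class EdgeRouter:
    """Edge router security verification; reads the NRS binding directly for brevity."""

    def __init__(self, nrs, cft):
        self.nrs = nrs
        self.cft = cft                         # CIDs the LCRS lists as illegal

    def check(self, packet, now):
        guid, secid, cid = packet["guid"], packet["secid"], packet["cid"]
        if self.nrs.is_blocked(guid, now):
            return "reject: user blacklisted"
        bound = self.nrs.bindings.get(guid)
        # User-level check: constant-time comparison of the claimed SecID.
        if bound is None or not hmac.compare_digest(bound, secid):
            return "reject: SecID does not match GUID binding"
        # Content-level check: applies to published content and to requests alike.
        if cid in self.cft:
            if self.nrs.record_violation(guid, now):
                return "drop: illegal content, user banned"
            return "drop: illegal content, user warned"
        return "accept"


def demo():
    nrs = Level1NRSUserManagement(operator_blacklist={"guid-M"})
    router = EdgeRouter(nrs, cft={"CID-illegal"})
    log = [nrs.admit("guid-A", "secid-A", 0), nrs.admit("guid-M", "secid-M", 0),
           nrs.admit("guid-B", "secid-B", 0)]
    log.append(router.check({"guid": "guid-A", "secid": "secid-A", "cid": "CID1"}, 1))
    log.append(router.check({"guid": "guid-A", "secid": "guess", "cid": "CID1"}, 1))
    bad = {"guid": "guid-B", "secid": "secid-B", "cid": "CID-illegal"}
    log += [router.check(bad, t) for t in (1, 2, 3)]
    log.append(router.check({"guid": "guid-B", "secid": "secid-B", "cid": "CID1"}, 10))
    log += [nrs.admit("guid-B", "secid-B", 10), nrs.admit("guid-B", "secid-B", 3603)]
    return log


if __name__ == "__main__":
    for entry in demo():
        print(entry)
```

Because the ban removes the GUID/SecID binding, a user whose ban has expired has to pass access authentication again before any packet is accepted.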
Another embodiment of the present invention further provides a method for implementing the perception-computation-storage integrated intelligent network architecture, which mainly comprises: providing routers with perception, computation and storage capabilities that support intra-domain content aggregation; providing a two-level name resolution server (NRS) that supports intra-domain and inter-domain mobility; and providing a local content resolution server (LCRS) that supports intra-domain content caching; wherein:
The routers so provided offer a security authentication service based on the security identifier SecID, a data forwarding service based on the device identifier GUID, and a content service based on the content identifier CID;
When a router receives a packet sent by a user, it first distinguishes the packet type. For a packet of the perception-computation-storage integrated intelligent network architecture SCSN, it uses the SecID, GUID and CID in the packet header to verify the legitimacy of the packet content with the LCRS and the authenticity of the user identity with the NRS. It then determines whether a verified packet is a content packet or a request packet. For a content packet: if the packet allows content caching, routers store content cooperatively under LCRS scheduling; if the packet has mobility support, the GUID-based forwarding policy dynamically binds the GUID to an address during routing. For a request packet: if it is a content request, the router reports the corresponding CID to the LCRS and then performs content aggregation according to the content distribution returned by the LCRS; if it is an access request, the router communicates with the NRS and verifies the user's identity using the corresponding SecID and GUID, thereby implementing access control.
Further, for a content packet, the router first provides differentiated service according to the service flag bits in the packet header, including:
For packets that allow content caching, the router reports the CID to the LCRS to obtain the caching policy, and routers store content cooperatively under LCRS scheduling, so that resources are shared and reused;
For packets with mobility support, the router queries the NRS to obtain the dynamic binding between the GUID and the network address, then obtains the next-hop router from the local forwarding table; if forwarding fails, the router stores the packet and keeps querying the NRS to perform store-and-forward.
Further, the NRS provides a dynamic binding service between GUIDs and network addresses; the GUID is globally invariant, while a device's network address changes dynamically with its access point; the NRS ensures that packets are routed correctly to the device even as its point of attachment keeps migrating;
The NRS is hierarchical and comprises a level-1 NRS and a level-2 NRS; the level-1 NRS is used for intra-domain routing and the level-2 NRS for inter-domain routing; the level-1 NRS updates and maintains the GUID-to-network-address mapping according to the device information reported by routers, then works out which devices have moved between domains and reports them to the level-2 NRS; movement within a domain is transparent to the level-2 NRS, which maintains only the mapping from device identifier to gateway router address GA and is responsible for routing packets to the domain where the destination device resides;
The level-1 NRS classifies incoming messages into routing queries and user access control information and passes them to the corresponding name resolution service or user management module; the level-1 NRS user management module handles user access control and identity authentication, and sends information about users added to or removed from the domain to the level-2 NRS; the level-2 NRS receives information from level-1 NRSs and gateway routers, and a classifier passes it to the user management module or the name resolution service module, which respectively update and query the level-2 NRS's local information; finally, confirmations are sent back to the level-1 NRS and query results are sent back to the gateway router.
Further, the LCRS manages the content stored within a domain of the network; the LCRS updates and maintains the content-to-storage-address mapping table CAMT according to the content caching information reported by routers and, based on the CAMT, the storage policy module and the content resolution module, controls routers' content storage and assists in completing content aggregation; the LCRS also builds a content filtering table CFT according to a given content filtering scheme, which is used to check the legitimacy of content;
The LCRS comprises: a classifier, a storage policy module, a content resolution module, and a memory holding the CAMT and the CFT; the classifier divides received messages into content requests and content storage; content requests are handed to the content resolution module and content storage messages to the storage policy module for further processing;
Both the content resolution module and the storage policy module call the content resolution module to query the CFT, in order to check whether the content is legal; if the content is legal, they go on to query the CAMT for the distribution of that content: the content resolution module sends the distribution it found to the router that requested the content, which carries out the subsequent processing; the storage policy module decides according to the storage policy whether the content needs to be stored, updates the CAMT, and sends the corresponding instruction to the router; if the content is illegal, service is refused.
Further, the logical layers of the perception-computation-storage integrated intelligent network architecture are, from top to bottom, the application layer, the transport layer, the network layer and the link layer; the router, the NRS and the LCRS are all located at the network layer;
The network layer comprises: a data plane and a control plane;
The functions of the data plane are as follows. Content perception: the router perceives and classifies packets according to packet type and provides differentiated service. Content storage: the router reports the CID and packet type information contained in a packet to the LCRS, and the LCRS plans centrally whether the content is stored in one router or several. Content aggregation: after the first-hop router receives a user's content request message, it reports the CID of the requested content to the LCRS; the LCRS looks up the CID in the CAMT and returns the distribution information for the stored content; after receiving the distribution information, the first-hop router decides, according to the router's content aggregation policy, from which router or routers to aggregate the content. Routing and forwarding: within a domain, routers forward packets according to the GUID; between domains, routing follows the GUID-to-address binding information held by the level-2 NRS; and because the packet format includes an IP header; Security verification: after a user is granted access, the user's SecID is set as a field bound to the GUID and sent to the edge router, serving as user-level identity verification; for packets generated by the user, the CFT is queried by CID to filter them, serving as content-level security verification;
The control plane manages and controls network configuration and policy, including the following. Content resolution service: the LCRS queries the CAMT to obtain the mapping between content and network addresses. Name resolution service: the level-1 NRS provides GUID-to-network-address resolution within a domain, and the level-2 NRS provides GUID-to-network-address resolution between domains. Routing and forwarding service: for intra-domain routing, the router transmits packets to the destination network address resolved by the level-1 NRS; for inter-domain routing, the gateway router obtains the destination gateway address by querying the level-2 NRS and then transmits packets over the backbone network. Access control service: when a user applies for access, the access router reports the user's GUID to the level-1 NRS; the level-1 NRS decides, according to the blacklist and user permission data provided by the operator, whether the user may access the network, sets the user's permissions, and records security audit and ledger information.
It should be noted that the functions, working processes and principles of the router, NRS and LCRS involved in the above method embodiment are similar to those described in the foregoing intelligent network architecture embodiment and are therefore not repeated here.
The above is only a preferred embodiment of the present invention, but the scope of protection of the present invention is not limited to it. Any change or substitution that a person skilled in the art could readily conceive within the technical scope disclosed by the present invention shall fall within the scope of protection of the present invention. Therefore, the scope of protection of the present invention shall be determined by the scope of protection of the claims.

Claims (10)

1. A perception-computation-storage integrated intelligent network architecture, characterized by comprising: routers with perception, computation and storage capabilities that support intra-domain content aggregation, a two-level name resolution server NRS that supports intra-domain and inter-domain mobility, and a local content resolution server LCRS that supports intra-domain content caching; wherein:
The routers provide a security authentication service based on the security identifier SecID, a data forwarding service based on the device identifier GUID, and a content service based on the content identifier CID;
When a router receives a packet sent by a user, it first distinguishes the packet type; for a packet of the perception-computation-storage integrated intelligent network architecture SCSN, it uses the SecID, GUID and CID in the packet header to verify the legitimacy of the packet content with the LCRS and the authenticity of the user identity with the NRS; it then determines whether a verified packet is a content packet or a request packet; for a content packet, if the packet allows content caching, routers store content cooperatively under LCRS scheduling, and if the packet has mobility support, the GUID-based forwarding policy dynamically binds the GUID to an address during routing; for a request packet, if it is a content request, the router reports the corresponding CID to the LCRS and then performs content aggregation according to the content distribution returned by the LCRS; if it is an access request, the router communicates with the NRS and verifies the user's identity using the corresponding SecID and GUID, thereby implementing access control.
2. The perception-computation-storage integrated intelligent network architecture according to claim 1, characterized in that, for a content packet, the router first provides differentiated service according to the service flag bits in the packet header, including:
For packets that allow content caching, the router reports the CID to the LCRS to obtain the caching policy, and routers store content cooperatively under LCRS scheduling, so that resources are shared and reused;
For packets with mobility support, the router queries the NRS to obtain the dynamic binding between the GUID and the network address, then obtains the next-hop router from the local forwarding table; if forwarding fails, the router stores the packet and keeps querying the NRS to perform store-and-forward.
3. The perception-computation-storage integrated intelligent network architecture according to claim 1, characterized in that the NRS provides a dynamic binding service between GUIDs and network addresses; the GUID is globally invariant, while a device's network address changes dynamically with its access point; the NRS ensures that packets are routed correctly to the device even as its point of attachment keeps migrating;
The NRS is hierarchical and comprises a level-1 NRS and a level-2 NRS; the level-1 NRS is used for intra-domain routing and the level-2 NRS for inter-domain routing; the level-1 NRS updates and maintains the GUID-to-network-address mapping according to the device information reported by routers, then works out which devices have moved between domains and reports them to the level-2 NRS; movement within a domain is transparent to the level-2 NRS, which maintains only the mapping from device identifier to gateway router address GA and is responsible for routing packets to the domain where the destination device resides;
The level-1 NRS classifies incoming messages into routing queries and user access control information and passes them to the corresponding name resolution service or user management module; the level-1 NRS user management module handles user access control and identity authentication, and sends information about users added to or removed from the domain to the level-2 NRS; the level-2 NRS receives information from level-1 NRSs and gateway routers, and a classifier passes it to the user management module or the name resolution service module, which respectively update and query the level-2 NRS's local information; finally, confirmations are sent back to the level-1 NRS and query results are sent back to the gateway router.
4. The perception-computation-storage integrated intelligent network architecture according to claim 1, characterized in that the LCRS manages the content stored within a domain of the network; the LCRS updates and maintains the content-to-storage-address mapping table CAMT according to the content caching information reported by routers and, based on the CAMT, the storage policy module and the content resolution module, controls routers' content storage and assists in completing content aggregation; the LCRS also builds a content filtering table CFT according to a given content filtering scheme, which is used to check the legitimacy of content;
The LCRS comprises: a classifier, a storage policy module, a content resolution module, and a memory holding the CAMT and the CFT; the classifier divides received messages into content requests and content storage; content requests are handed to the content resolution module and content storage messages to the storage policy module for further processing;
Both the content resolution module and the storage policy module call the content resolution module to query the CFT, in order to check whether the content is legal; if the content is legal, they go on to query the CAMT for the distribution of that content: the content resolution module sends the distribution it found to the router that requested the content, which carries out the subsequent processing; the storage policy module decides according to the storage policy whether the content needs to be stored, updates the CAMT, and sends the corresponding instruction to the router; if the content is illegal, service is refused.
5. The intelligent network architecture integrating perception, computation and storage according to claim 1, characterized in that its logical layers are, from top to bottom, the application layer, the transport layer, the network layer and the link layer; wherein the routers, the NRS and the LCRS are all located in the network layer;
The network layer comprises a data plane and a control plane;
The functions of the data plane are as follows: Content perception: routers perceive and classify packets according to packet type and provide differentiated service; Content storage: routers report the CID contained in a packet and the packet type information to the LCRS, and the LCRS plans centrally whether the content is stored in a single router or in multiple routers; Content aggregation: after receiving a user content request message, the first-hop router reports the CID of the requested content to the LCRS; the LCRS looks up the CID in the CAMT and returns the content's storage distribution information; after receiving the distribution information, the first-hop router decides, according to the router's content aggregation policy, from which router or routers to aggregate the content; Routing and forwarding: within a domain, routers forward packets according to GUID; between domains, routing follows the GUID-to-address binding information held by the second-level NRS of the NRS, and because the packet format includes an IP header; Security verification: after a user is granted access, the user's SecID is set to a field bound to the GUID and sent to the edge router, serving as user-level authentication; packets generated by users are filtered by querying the CFT according to CID, serving as content-level security verification;
The control plane manages and controls network configuration and policy, including: Content resolution service: the LCRS queries the CAMT information to obtain the mapping between content and network address; Name resolution service: the first-level NRS of the NRS provides intra-domain resolution of GUID to network address, and the second-level NRS of the NRS provides inter-domain resolution of GUID to network address; Routing and forwarding service: for intra-domain routing, routers transmit packets using the destination network address resolved by the first-level NRS; for inter-domain routing, the gateway router obtains the destination gateway address by querying the second-level NRS and then transmits packets over the backbone network; Access control service: when a user applies for access, the access router reports the user's GUID to the first-level NRS; the first-level NRS decides whether to admit the user according to the blacklist and user permission data provided by the operator, sets the user's permissions, and records security audit and account ledger information.
6. A method for implementing an intelligent network architecture integrating perception, computation and storage, characterized by comprising: providing routers that have perception, computation and storage capabilities and support intra-domain content aggregation, providing a two-level name resolution server NRS that supports intra-domain and inter-domain mobility, and providing a local content resolution server LCRS that supports intra-domain content caching; wherein:
The routers provide a security authentication service based on the security identifier SecID, a data forwarding service based on the device identifier GUID, and a content service based on the content identifier CID;
When a router receives a packet sent by a user, it first distinguishes the packet type; for a packet of the perception-computation-storage integrated intelligent network architecture SCSN, it uses the SecID, GUID and CID in the packet header, verifying the legitimacy of the packet content with the LCRS and the authenticity of the user's identity with the NRS; it then determines whether the verified packet is a content packet or a request packet; for a content packet: if the packet allows content caching, routers store it cooperatively under the scheduling of the LCRS; if the packet is a mobility-support packet, a GUID-based forwarding policy is applied and dynamic binding between GUID and address is performed during routing; for a request packet: if it is a content request, the router reports the corresponding CID to the LCRS and then performs content aggregation according to the content distribution returned by the LCRS; if it is an access request, the router communicates with the NRS and uses the corresponding SecID and GUID to verify the user's identity, thereby implementing access control.
7. The method for implementing an intelligent network architecture integrating perception, computation and storage according to claim 6, characterized in that, for a content packet, the router first provides differentiated service according to the service identification bits in the packet header, including:
For a packet that allows content caching, the router reports the CID to the LCRS to obtain the caching policy, and routers store content cooperatively under the scheduling of the LCRS, achieving sharing and reuse of resources;
For a mobility-support packet, the router queries the NRS to obtain the dynamic binding between GUID and network address, and then obtains the next-hop router for forwarding from the local forwarding table; if forwarding of the packet fails, the router stores the packet and continues to query the NRS so as to store and forward it.
8. The method for implementing an intelligent network architecture integrating perception, computation and storage according to claim 6, characterized in that the NRS provides a dynamic binding service between GUID and network address; the GUID is globally invariant, whereas a device's network address changes dynamically as its access point changes; the NRS ensures correct routing to the device while its access location keeps migrating;
The NRS uses a hierarchical structure comprising a first-level NRS and a second-level NRS, wherein the first-level NRS is used for intra-domain routing and the second-level NRS for inter-domain routing; the first-level NRS updates and maintains the GUID-to-network-address mapping according to the device information reported by routers, then works out all devices that have moved between domains and reports them to the second-level NRS; a device's movement within a domain is transparent to the second-level NRS, which only maintains the mapping from device identifier to gateway router address GA and is responsible for routing packets to the domain where the destination device is located;
The first-level NRS classifies routing queries and user access control information and passes them to the name resolution service module and the user management module respectively; the first-level NRS user management module handles user access control and authentication, and sends add/delete information for intra-domain users to the second-level NRS; the second-level NRS receives information from the first-level NRS and from gateway routers, which its classifier passes to the user management module and the name resolution service module, involving respectively update and query operations on the second-level NRS's local information; finally, confirmation information is sent back to the first-level NRS and query results are sent back to the gateway router.
9. The method for implementing an intelligent network architecture integrating perception, computation and storage according to claim 6, characterized in that the LCRS is used to manage the content stored in the network within the domain; the LCRS updates and maintains the content-to-storage-address mapping table CAMT according to the content caching information reported by routers and, based on the CAMT, the storage policy module and the content resolution module, controls routers to store content and assists in completing content aggregation; the LCRS also establishes a content filtering table CFT according to a certain content filtering scheme, for checking the legitimacy of content;
The LCRS comprises: a classifier, a storage policy module, a content resolution module, and a memory for storing the CAMT and the CFT; the classifier divides received information into two parts, content requests and content storage; content requests are handed to the content resolution module for subsequent processing, and content storage is handed to the storage policy module for subsequent processing;
Both the content resolution module and the storage policy module call the content resolution module to query the CFT, to check whether the content is legitimate; if the content is legitimate, the CAMT is then queried to obtain the distribution of the corresponding content; the content resolution module sends the content distribution it has found to the router that requested the content, and that router carries out subsequent processing; the storage policy module decides according to the storage policy whether the corresponding content needs to be stored, updates the CAMT, and sends the relevant instruction to the router; if the content is illegitimate, service is refused.
10. The method for implementing an intelligent network architecture integrating perception, computation and storage according to claim 6, characterized in that the logical layers of the intelligent network architecture integrating perception, computation and storage are, from top to bottom, the application layer, the transport layer, the network layer and the link layer; wherein the routers, the NRS and the LCRS are all located in the network layer;
The network layer comprises a data plane and a control plane;
The functions of the data plane are as follows: Content perception: routers perceive and classify packets according to packet type and provide differentiated service; Content storage: routers report the CID contained in a packet and the packet type information to the LCRS, and the LCRS plans centrally whether the content is stored in a single router or in multiple routers; Content aggregation: after receiving a user content request message, the first-hop router reports the CID of the requested content to the LCRS; the LCRS looks up the CID in the CAMT and returns the content's storage distribution information; after receiving the distribution information, the first-hop router decides, according to the router's content aggregation policy, from which router or routers to aggregate the content; Routing and forwarding: within a domain, routers forward packets according to GUID; between domains, routing follows the GUID-to-address binding information held by the second-level NRS of the NRS, and because the packet format includes an IP header; Security verification: after a user is granted access, the user's SecID is set to a field bound to the GUID and sent to the edge router, serving as user-level authentication; packets generated by users are filtered by querying the CFT according to CID, serving as content-level security verification;
The control plane manages and controls network configuration and policy, including: Content resolution service: the LCRS queries the CAMT information to obtain the mapping between content and network address; Name resolution service: the first-level NRS of the NRS provides intra-domain resolution of GUID to network address, and the second-level NRS of the NRS provides inter-domain resolution of GUID to network address; Routing and forwarding service: for intra-domain routing, routers transmit packets using the destination network address resolved by the first-level NRS; for inter-domain routing, the gateway router obtains the destination gateway address by querying the second-level NRS and then transmits packets over the backbone network; Access control service: when a user applies for access, the access router reports the user's GUID to the first-level NRS; the first-level NRS decides whether to admit the user according to the blacklist and user permission data provided by the operator, sets the user's permissions, and records security audit and account ledger information.
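The LCRS message handling recited in claims 4 and 9 (classifier, CFT legitimacy check, then CAMT lookup or storage decision) can be modelled as follows. This is an added illustration, not code from the patent; the message fields, the blocklist form of the CFT and the two-replica storage policy are assumptions.

```python
from dataclasses import dataclass, field


@dataclass
class LCRS:
    """Toy local content resolution server: classifier + CFT + CAMT."""
    # CFT modelled as a set of CIDs rejected by the filtering scheme (assumed form).
    cft_blocked: set = field(default_factory=set)
    # CAMT: CID -> set of router ids currently storing that content.
    camt: dict = field(default_factory=dict)
    # Assumed storage policy: keep at most this many copies per CID in the domain.
    max_replicas: int = 2

    def is_legitimate(self, cid):
        """CFT query used by both processing paths before anything else happens."""
        return cid not in self.cft_blocked

    def handle(self, msg):
        """Classifier: split router reports into content requests and content storage."""
        if msg.get("type") == "content_request":
            return self._resolve(msg["cid"], msg["router"])
        if msg.get("type") == "content_storage":
            return self._decide_storage(msg["cid"], msg["router"])
        return {"action": "drop", "reason": "unknown message type"}

    def _resolve(self, cid, router):
        """Content resolution: return where the content is stored, if legitimate."""
        if not self.is_legitimate(cid):
            return {"action": "refuse", "to": router, "cid": cid}
        holders = sorted(self.camt.get(cid, set()))
        return {"action": "distribution", "to": router, "cid": cid, "routers": holders}

    def _decide_storage(self, cid, router):
        """Storage policy: decide whether this router should cache, then update CAMT."""
        if not self.is_legitimate(cid):
            # Refused before the CAMT is touched, so filtered content never
            # becomes resolvable through a later content request.
            return {"action": "refuse", "to": router, "cid": cid}
        holders = self.camt.get(cid, set())
        if router in holders or len(holders) >= self.max_replicas:
            return {"action": "no_store", "to": router, "cid": cid}
        self.camt.setdefault(cid, set()).add(router)
        return {"action": "store", "to": router, "cid": cid}


def demo():
    """Constructed scenario: three routers report one legitimate CID, one filtered CID."""
    lcrs = LCRS(cft_blocked={"cid-filtered"})
    actions = [
        lcrs.handle({"type": "content_storage", "cid": "cid-video", "router": r})["action"]
        for r in ("R1", "R2", "R3")
    ]
    found = lcrs.handle({"type": "content_request", "cid": "cid-video", "router": "R9"})
    refused = lcrs.handle({"type": "content_storage", "cid": "cid-filtered", "router": "R1"})
    return actions, found["routers"], refused["action"], "cid-filtered" in lcrs.camt
```

Checking the CFT ahead of the CAMT update is what keeps the two tables consistent: a CID that fails filtering never gains a storage address.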
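The two-level name resolution of claims 3 and 8 is sketched below to show why intra-domain movement is transparent to the second-level NRS. This is an added example, not the patent's implementation; class names, address strings and the explicit departure notification are assumptions.

```python
class SecondLevelNRS:
    """Inter-domain resolver: maps a GUID only to a gateway router address (GA)."""

    def __init__(self):
        self.guid_to_ga = {}
        self.update_count = 0  # number of reports received from first-level NRSs

    def report_arrival(self, guid, ga):
        self.guid_to_ga[guid] = ga
        self.update_count += 1

    def resolve_gateway(self, guid):
        return self.guid_to_ga.get(guid)


class FirstLevelNRS:
    """Intra-domain resolver: maps a GUID to its current network address."""

    def __init__(self, ga, second_level):
        self.ga = ga
        self.second_level = second_level
        self.guid_to_addr = {}

    def device_report(self, guid, addr):
        """Router-reported attachment; only a device new to the domain goes upstream."""
        entered_domain = guid not in self.guid_to_addr
        self.guid_to_addr[guid] = addr
        if entered_domain:
            self.second_level.report_arrival(guid, self.ga)

    def device_left(self, guid):
        # Assumed: the old domain learns of the departure and drops its binding.
        self.guid_to_addr.pop(guid, None)

    def resolve(self, guid):
        return self.guid_to_addr.get(guid)


def route(guid, source, domains, second_level):
    """Resolve a destination GUID from a source domain; returns the address path."""
    local = source.resolve(guid)
    if local is not None:
        return [local]                      # intra-domain: first-level NRS suffices
    ga = second_level.resolve_gateway(guid)
    if ga is None or ga not in domains:
        return None                         # unknown device
    addr = domains[ga].resolve(guid)        # destination domain resolves locally
    return [ga, addr] if addr is not None else None


def demo():
    """Constructed scenario: one device moves within domain A, then to domain B."""
    nrs2 = SecondLevelNRS()
    a, b = FirstLevelNRS("GA-A", nrs2), FirstLevelNRS("GA-B", nrs2)
    domains = {a.ga: a, b.ga: b}
    guid = "guid-phone-1"
    a.device_report(guid, "A/ap1")
    before = nrs2.update_count
    a.device_report(guid, "A/ap7")          # intra-domain move
    transparent = nrs2.update_count == before
    path_from_b = route(guid, b, domains, nrs2)
    a.device_left(guid)
    b.device_report(guid, "B/ap3")          # inter-domain move
    path_from_a = route(guid, a, domains, nrs2)
    return transparent, path_from_b, path_from_a, nrs2.update_count
```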
CN201710743012.7A 2017-08-25 2017-08-25 Intelligent network architecture integrating perception, calculation and storage and implementation method Active CN107395500B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710743012.7A CN107395500B (en) 2017-08-25 2017-08-25 Intelligent network architecture integrating perception, calculation and storage and implementation method

Publications (2)

Publication Number Publication Date
CN107395500A true CN107395500A (en) 2017-11-24
CN107395500B CN107395500B (en) 2020-03-31

Family

ID=60346793

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710743012.7A Active CN107395500B (en) 2017-08-25 2017-08-25 Intelligent network architecture integrating perception, calculation and storage and implementation method

Country Status (1)

Country Link
CN (1) CN107395500B (en)

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102143199A (en) * 2010-10-19 2011-08-03 华为技术有限公司 Content acquisition method, node and content network
CN103686807A (en) * 2013-12-05 2014-03-26 中国科学院计算机网络信息中心 CCN subnet mobile data transmission method
CN106105135A (en) * 2014-01-02 2016-11-09 华为技术有限公司 Extensible content route and mobility method and device in name data network
US9678998B2 (en) * 2014-02-28 2017-06-13 Cisco Technology, Inc. Content name resolution for information centric networking

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
YUANZUN ZHANG ; XIAOBIN TAN ; HAO LIU ; WEIPING LI: "GUID-based mobile visual communication using NDN mechanism", 《2016 VISUAL COMMUNICATIONS AND IMAGE PROCESSING (VCIP)》 *

Cited By (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108737176A (en) * 2018-05-20 2018-11-02 湖北九州云仓科技发展有限公司 A kind of data gateway control method, electronic equipment, storage medium and framework
CN108737176B (en) * 2018-05-20 2021-10-22 湖北九州云仓科技发展有限公司 Data gateway control method, electronic equipment, storage medium and architecture
CN109474577A (en) * 2018-10-17 2019-03-15 太原市高远时代科技有限公司 A kind of Internet of Things network edge O&M equipment with safety permission function
CN109151070A (en) * 2018-10-26 2019-01-04 平安科技(深圳)有限公司 Service scheduling method, the electronic device of point-to-point CDN based on block chain
CN109151070B (en) * 2018-10-26 2022-04-15 平安科技(深圳)有限公司 Block chain-based service scheduling method and electronic device for point-to-point CDN (content delivery network)
CN109525304A (en) * 2018-12-06 2019-03-26 中国科学技术大学 Perceptual computing stores the integrated space intelligent network architecture
CN109525304B (en) * 2018-12-06 2020-10-27 中国科学技术大学 Space intelligent network architecture integrating perception, calculation and storage
CN109768935A (en) * 2019-03-14 2019-05-17 海南梯易易智能科技有限公司 Wireless router and its method for safe operation with intelligent recognition and filtering function
CN109768935B (en) * 2019-03-14 2023-10-10 海南梯易易智能科技有限公司 Wireless router with intelligent recognition and filtering functions and safe operation method thereof
CN112449371A (en) * 2019-08-30 2021-03-05 中国移动通信集团广东有限公司 Performance evaluation method of wireless router and electronic equipment
CN112449371B (en) * 2019-08-30 2023-08-15 中国移动通信集团广东有限公司 Performance evaluation method of wireless router and electronic equipment
CN110650194A (en) * 2019-09-23 2020-01-03 中国科学技术大学 Task execution method based on edge calculation in computer network
WO2022127938A1 (en) * 2020-12-15 2022-06-23 中国科学院声学研究所 Data transmission system having in-network storage capability
CN113206796A (en) * 2021-04-30 2021-08-03 网络通信与安全紫金山实验室 Transfer, calculation and storage integrated cooperative system and method
CN114885443A (en) * 2022-07-01 2022-08-09 之江实验室 Multi-mode network control system and method supporting mobile access of terminal
WO2024000937A1 (en) * 2022-07-01 2024-01-04 之江实验室 Multi-modal network control system and method supporting mobile access of terminal
US11917523B2 (en) 2022-07-01 2024-02-27 Zhejiang Lab Polymorphic network control system and method supporting mobile access of terminal

Also Published As

Publication number Publication date
CN107395500B (en) 2020-03-31

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant