CN109150829B - Software-defined cloud network trusted data distribution method, readable storage medium and terminal - Google Patents

Info

Publication number
CN109150829B
Authority
CN
China
Prior art keywords
data
layer
network
software
distribution method
Legal status
Active
Application number
CN201810750076.4A
Other languages
Chinese (zh)
Other versions
CN109150829A (en
Inventor
孙雁飞
谭虹
亓晋
王堃
许斌
Current Assignee
Nanjing University of Posts and Telecommunications
Original Assignee
Nanjing University of Posts and Telecommunications
Application filed by Nanjing University of Posts and Telecommunications
Priority to CN201810750076.4A
Publication of CN109150829A
Application granted
Publication of CN109150829B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/08 Protocols for interworking; Protocol conversion
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H04L67/125 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks involving control of end-device applications over a network
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/50 Network services
    • H04L67/56 Provisioning of proxy services
    • H04L67/565 Conversion or adaptation of application format or content

Abstract

A software-defined cloud network trusted data distribution method, a readable storage medium and a terminal, wherein the method comprises the following steps: a forwarding layer of a software-defined cloud network layer acquires the original network data sent by an infrastructure layer, converts the acquired original network data into standardized network data in a preset format, and transmits the standardized network data to a control layer of the software-defined cloud network layer by adopting a preset trusted data distribution method; the control layer generates a corresponding control instruction according to the received standardized network data and sends the generated control instruction to the application layer by adopting the trusted data distribution method; and the application layer responds to the received control instruction, generates corresponding return result information and sends the generated return result information to the software-defined cloud network layer by adopting the trusted data distribution method. With this scheme, network congestion caused by mass data distribution in the cloud network can be relieved, and the security and reliability of data transmission are improved.

Description

Software-defined cloud network trusted data distribution method, readable storage medium and terminal
Technical Field
The invention relates to the technical field of data distribution, in particular to a software-defined cloud network trusted data distribution method, a readable storage medium and a terminal.
Background
In the nineteenth high-speed intersection in 2017, the zeolite provides an intelligent terminal hardware scheme and an Internet of things one-stop solution scheme, and the intelligent terminal hardware scheme and the Internet of things one-stop solution are highly approved by the industry. AI technology is maturing day by day and can permeate every aspect of life. With the continuous development of Internet technology, realizing a network in which everything is sensed, interconnected and intelligent, and establishing a convenient and secure network environment, are problems that people worldwide have long sought to solve. An efficient, green, intelligent and trusted data management mode is therefore urgently needed to solve the problem of network islands, improve data transmission efficiency and reduce the risk of data leakage and tampering. Given the characteristics of a cloud network, such as large scale, high accuracy requirements and delay sensitivity, the cloud network imposes the following requirements on data distribution: mass data storage and computing capability; high-speed, reliable network transmission capability; intelligent interaction; and secure, trusted system information.
At present, research on cloud networks at home and abroad mainly focuses on integrating Internet of Things technology and cloud services into cloud network management, and solves the problems of limited resources and high expansion difficulty of traditional energy management.
However, while cloud services bring convenience to cloud network data management, they also pose great challenges. As cloud networks mature, massive network data flows are inevitably generated. If all data is moved to the cloud for storage and computation, an input/output bottleneck inevitably arises between the cloud center and base station equipment, which greatly reduces the transmission rate of the whole network and causes serious network congestion; storing all data in the cloud also carries significant security risks.
Disclosure of Invention
The technical problem solved by the invention is how to relieve network congestion caused by mass data distribution under a cloud network and improve the safety and reliability of data transmission.
In order to solve the technical problem, an embodiment of the present invention provides a software-defined cloud network trusted data distribution method, where the method includes:
the infrastructure layer acquires original network data generated by the network equipment and sends the original network data to the software defined cloud network layer through a network data access interface;
a forwarding layer of the software-defined cloud network layer acquires the original network data, converts the acquired original network data into standardized network data in a preset format, and transmits the standardized network data to a control layer of the software-defined cloud network layer by adopting a preset trusted data distribution method; the control layer generates a corresponding control instruction according to the received standardized network data and sends the generated control instruction to the application layer by adopting the trusted data distribution method;
and the application layer responds to the received control instruction, generates corresponding return result information and sends the generated return result information to the software-defined cloud network layer by adopting the trusted data distribution method.
Optionally, when the forwarding layer and the control layer perform data interaction, and when the control layer performs data interaction with the application layer, a party sending data is used as a sending end, and a party receiving data is used as a receiving end; the trusted data distribution method comprises the following steps:
the sending end divides the standardized network data into different data blocks; each data block includes data transformation information that occurs during its creation; linking each data block to the previous data block through corresponding attribute data according to the time sequence to form corresponding transmission data; encrypting the transmission data by adopting a public key to obtain encrypted transmission data and transmitting the encrypted transmission data to the receiving end;
the receiving end receives the encrypted transmission data and decrypts the encrypted transmission data by adopting a corresponding private key to obtain the transmission data; authenticating the transmission data obtained by decryption; when authentication is passed, the transmission data is stored and the received transmission data is responded.
Optionally, after the transmitting end transmits the transmission data to the receiving end, the method further includes:
and storing data conversion information corresponding to the transmission data and the information of the transmission data.
Optionally, the receiving end includes a plurality of service nodes; the receiving end authenticates the transmission data obtained by decryption, and the method comprises the following steps:
the receiving end randomly determines a plurality of service nodes participating in authentication and judges whether the number of the service nodes participating in authentication meets a preset operation rule or not;
authenticating, by the plurality of service nodes, the transmission data when it is determined that the number of service nodes participating in authentication satisfies the operation rule;
when the plurality of service nodes are determined to pass the authentication of the transmission data, the transmission data is counted into an (N-F+1)th node.
Optionally, the operation rule is:
Figure BDA0001723918780000031
wherein, N represents the total number of service nodes, D represents the number of service nodes participating in authentication, and F represents the number of uncertain service nodes.
Optionally, the attribute data includes full-text data, fact data, and numerical data of the corresponding data block.
Optionally, the standardized network data is network data in an electronic record format.
The embodiment of the invention also provides a computer-readable storage medium, wherein a computer instruction is stored on the computer-readable storage medium, and the computer instruction executes the steps of any one of the software-defined cloud network trusted data distribution methods when running.
The embodiment of the invention also provides a terminal, which comprises a memory and a processor, wherein the memory is stored with a computer instruction capable of running on the processor, and the processor executes the steps of the software-defined cloud network trusted data distribution method when running the computer instruction.
Compared with the prior art, the technical scheme of the embodiment of the invention has the following beneficial effects:
According to the scheme, a forwarding layer of the software-defined cloud network layer obtains the original network data that is generated by network equipment and acquired by the infrastructure layer, converts the original network data into standardized network data, and transmits the standardized network data to a control layer of the software-defined cloud network layer by adopting a preset trusted data distribution method; the control layer generates a corresponding control instruction according to the received standardized network data and sends the control instruction to an application layer by adopting the trusted data distribution method; and finally the application layer responds to the received control instruction, generates corresponding return result information and sends the generated return result information to the software-defined cloud network layer by adopting the trusted data distribution method.
Drawings
Fig. 1 is a schematic structural diagram of a trusted software-defined cloud network data distribution system in an embodiment of the present invention;
Fig. 2 is a schematic flowchart of a trusted data distribution method of a software-defined cloud network in an embodiment of the present invention;
Fig. 3 is a flowchart illustrating a trusted data distribution method in an embodiment of the present invention.
Detailed Description
In the technical scheme of the embodiment of the invention, a forwarding layer of the software-defined cloud network layer obtains the original network data that is generated by network equipment and acquired by the infrastructure layer, converts the original network data into standardized network data, and transmits the standardized network data to a control layer of the software-defined cloud network layer by adopting a preset trusted data distribution method; the control layer generates a corresponding control instruction according to the received standardized network data and sends it to an application layer by adopting the trusted data distribution method; finally, the application layer responds to the received control instruction, generates corresponding return result information and sends the generated return result information to the software-defined cloud network layer by adopting the trusted data distribution method. In this way, network congestion caused by mass data in a cloud network can be relieved, and the security and reliability of data transmission are improved.
In order to make the aforementioned objects, features and advantages of the present invention comprehensible, embodiments accompanied with figures are described in detail below.
For ease of understanding, the structure of the trusted software-defined cloud network data distribution system in the embodiment of the present invention will be described first.
Fig. 1 is a schematic structural diagram of a trusted software-defined cloud network data distribution system according to an embodiment of the present invention. Referring to fig. 1, a trusted software-defined cloud network data distribution system may include an infrastructure layer 11, a software-defined cloud network layer 12 composed of a control layer and a forwarding layer, and an application layer 13. Wherein the software defined cloud network layer 12 is coupled with the infrastructure layer 11 and the application layer 13, respectively.
The working principle of the trusted software-defined cloud network data distribution system shown in fig. 1 will be described in detail with reference to fig. 2.
Fig. 2 shows a flowchart of a trusted data distribution method of a software-defined cloud network in an embodiment of the present invention. Referring to fig. 2, a software-defined cloud network trusted data distribution method may include the following steps:
Step S201: The infrastructure layer acquires original network data generated by the network equipment and sends the original network data to the software-defined cloud network layer through a network data access interface.
In specific implementation, the infrastructure layer includes various network infrastructure devices such as a switching device, a routing device, a network card device, a server device, a cable bus device, and the like, and the software defined cloud network layer is mainly used for sensing original network data generated by the software and hardware devices by means of an internet of things technology. Wherein:
the switching equipment provides an exclusive electric signal channel for any two network nodes accessed to the switch, and sends the information to be transmitted to a corresponding route meeting the requirement by a method of manual or automatic equipment according to the requirement of information transmission at two communication ends, thereby essentially completing the information exchange function in a communication system. The switching device is generally applied to a data link layer, and has a plurality of ports, each of which has a bridging function and can be connected with a local area network or a high-performance server or workstation.
The router device is a router which receives a data packet from one interface, orients the data packet according to a destination address of the data packet and forwards the data packet to the other interface. The routing device supports multiple protocols, typically occurring at the network layer of the TCP/IP protocol, and is typically a network-wide process that connects two or more logical ports identified by an IP subnet or point-to-point protocol, determining an end-to-end path as a packet travels from a source to a destination.
The network card device is one of important components of a network component device, and serves as an interface for connecting a computer and a transmission medium in a local area network so as to realize physical connection and electric signal matching with the transmission medium of the local area network, and has a relationship with functions of frame sending and receiving, frame packaging and unpacking, medium access control, data encoding and decoding, data caching and the like.
The server equipment is used for providing computer service, responding to service requests, and undertaking service and ensuring service. The server equipment has comprehensive functions, strong manageability and easy maintenance, and can be used for meeting the requirements of medium and small network users on data processing, file sharing, Internet access, simple database application and the like.
The cable bus device is a common communication trunk line for transmitting information among various functional components of a computer, between computers, between an external device and the computer, and can be divided into a data bus, an address bus and a control bus which are respectively used for transmitting data information, data address information and control signal information.
Step S202: the forwarding layer of the software defined cloud network layer acquires the original network data, converts the acquired original network data into standardized network data in a preset format, and transmits the standardized network data to the control layer of the software defined cloud network layer by adopting a preset trusted data distribution method.
In specific implementation, the software defined cloud network layer includes a forwarding layer and a control layer, the control plane and the data plane of the network device are separated, the forwarding layer of the network device retains a forwarding function, and the control layer performs a centralized control function and issues an instruction to the application layer at the bottom layer through an application program open interface. Specifically, the software-defined cloud network layer accesses original network data from the infrastructure layer, the data are standardized by the forwarding layer, the data are forwarded more flexibly, and the forwarding layer transmits the data to the control layer by adopting a preset trusted data distribution method, so that the reliability is higher and the redundancy is low during data transmission.
In an embodiment of the present invention, the forwarding layer includes an access layer, a convergence layer, and a core layer, and is mainly used to standardize raw data perceived by an infrastructure layer, so as to simplify network forwarding devices.
The access layer is a part of the network directly facing to the user connection or access network, is used for allowing the terminal user to be connected to the network, has the characteristics of plug and play, easy use and maintenance, uses the switch equipment with high performance price ratio, and has the characteristics of low cost and high port density. The access layer provides the ability of accessing the application system in the local network segment for the users, mainly solves the mutual access requirement between adjacent users, provides enough bandwidth for the mutual access between the users, and is responsible for some user management functions, such as address authentication, user authentication, charging management and the like, and user information collection work, such as IP addresses, MAC addresses, access logs and the like of the users.
The convergence layer, which is located between the access layer and the core layer, is a convergence point of switches of multiple access layers, and can process all communication data volume from the access layer devices and provide uplink to the core layer. The switches of the convergence layer have higher performance, fewer interfaces and higher switching rate than the switches of the access layer. In addition, the convergence layer is also used for converging the user traffic of the access layer, converging, forwarding and exchanging data packet transmission, then performing local routing, filtering, traffic balancing, quality of service (QoS) priority management, security mechanism, IP address conversion, traffic shaping, multicast management and other processing according to the user traffic of the access layer, forwarding the user traffic processing result to the core layer or performing routing processing locally, and finally completing conversion of various protocols, such as routing summarization and republishing, and the like, so as to ensure that the core layer is connected with areas running different protocols.
The core layer is a final receiver and a final aggregator of all traffic, and is a network backbone part jointly formed by devices such as a core switch, a router and a firewall, and the core layer mainly aims to provide a fast and reliable backbone transmission structure through high-speed forwarding communication, and the switch of the core layer needs to have higher reliability, performance and throughput. The core layer mainly has the functions of realizing optimized transmission among backbone networks and solving the problems of redundancy capability, reliability and high-speed transmission in the transmission process.
In specific implementation, the control layer is configured to receive data sent by the forwarding layer, generate a corresponding control instruction based on the data sent by the forwarding layer, and send the control instruction to the application layer. In an embodiment of the present invention, the control layer serves as the core and logic control center of the entire network, and different permissions are set for administrators at different levels so as to eliminate direct physical access to the control layer, thereby minimizing the problem of untrusted data caused by administrator misoperation and misconfiguration.
Step S203: The control layer generates a corresponding control instruction according to the received standardized network data and transmits the generated control instruction to the application layer by adopting the trusted data distribution method.
In a specific implementation, when receiving the standardized network data sent by the forwarding layer, the control layer responds to the received standardized network data, that is, generates a corresponding control instruction based on the received standardized network data and sends the control instruction to the application layer, so that the application layer executes an operation corresponding to the control instruction and returns corresponding operation result information.
In an embodiment of the present invention, the control layer includes a Network deployment layer and a software defined cloud Network (SDN)/Network Function Virtualization (NFV) controller, and the two layers are connected by a control data plane interface. Meanwhile, a control data plane interface is also used for connecting the SDN/NFV controller and a forwarding layer in the software defined cloud network layer. The channel adopts the transmission mode of the trusted data distribution method, and the identity of both parties is generally verified by a public key and private key system so as to ensure the integrity and confidentiality in the data transmission process. Wherein:
the network arrangement layer is positioned at the upper layer of the SDN/NFV controller and is responsible for cross-domain network management, and is used for coordinating management networks and computing resources of multiple manufacturers and multiple controllers and intelligently scheduling cross-domain network services.
The SDN/NFV controller is a control core of a network and is used for carrying out overall intelligent scheduling on network forwarding services, issuing the services to a forwarding layer through a data control plane interface and further executing the services on physical equipment; the method enables computing and storage resources, such as a server, a container or a virtual machine, to run a specific application program, integrates a plurality of devices on the same network layer and integrates devices on another layer, enables the whole network to run as the same large-scale frame type device, and enables various operations such as running, management and the like to be virtualized in one large-scale device, replaces the traditional realization of tasks of network service configuration and deployment realized manually, and further reduces the operation cost.
Step S204: The application layer responds to the received control instruction, generates corresponding return result information and sends the generated return result information to the software-defined cloud network layer by adopting the trusted data distribution method.
In specific implementation, the application layer may include applications such as mobile devices, cloud storage, APP application programs, and business applications. As the bottom layer of the system, it receives instructions and network resources from the control layer of the upper software-defined cloud network layer and also provides data information to the upper software-defined cloud network layer. The application program open interface allows a terminal user to develop new network functions independently, meeting the network requirement for programmability.
In addition, the application layer can establish an effective authentication mechanism between the application program and the control layer according to the authority, so that the situation that different users and administrators can deploy network application programs on the control layer is avoided, and if the application of different users has a logic conflict problem in logic operation, different application programs can be effectively isolated in time.
The foregoing description of the working principle of the trusted software-defined cloud network data distribution system in the embodiment of the present invention, that is, of the data distribution method based on a software-defined cloud network, states that a preset trusted data distribution method is adopted for data transmission when the forwarding layer and the control layer perform data interaction and when the control layer and the application layer perform data interaction. The trusted data distribution method is described below.
It should be noted that, in the description process of the trusted data distribution method, when the forwarding layer and the control layer perform data interaction, and when the control layer performs data interaction with the application layer, a party that sends data is referred to as a sending end, and a party that receives data is referred to as a receiving end.
Fig. 3 shows a flowchart of a trusted data distribution method in an embodiment of the present invention. Referring to fig. 3, a trusted data distribution method may include the operations of:
Step S301: The sending end divides the standardized network data into different data blocks; each data block includes data transformation information that occurs during its creation.
In an embodiment of the present invention, the standard network data is network data in an electronic recording format.
In a specific implementation, each data block includes data transformation information occurring during its creation, i.e., information on the data format before and after conversion of the original network data.
Step S302: The sending end links each data block to the previous data block through corresponding attribute data according to the time sequence to form corresponding transmission data.
In a specific implementation, the sending end uses the standardized network data obtained by converting the original network data acquired in the corresponding time period as a data block, and links the currently generated data block to the previous data block through the corresponding attribute data when each data block is generated, so as to form a set of chained data, that is, the transmission data including one or more data blocks. The attribute data of the currently generated data block includes full-text data, numerical data, fact data, and the like corresponding to the data block.
In an embodiment of the present invention, in order to ensure the reliability of data, after a data block is added to a data chain, only a user with administrator authority may perform an operation on the newly added data block, and other users may not perform any operation on the newly added data block, so that the authenticity and reliability of data may be ensured.
Step S303: the sending end encrypts the transmission data with a public key to obtain encrypted transmission data and transmits the encrypted transmission data to the receiving end.
In a specific implementation, when the corresponding transmission data is generated, the sending end encrypts it with a public key disclosed to the whole network and sends the encrypted transmission data to the receiving end.
In an embodiment of the present invention, when each service node in the sending end sequentially generates corresponding data blocks according to a time sequence, data conversion occurring during creation of each data block and information records of the data blocks sent to the receiving end are stored, and all nodes participating in data distribution are allowed to record and store all data, so as to avoid unreliable data conditions such as serious data leakage and tampering caused by centralized data storage.
Step S304: the receiving end receives the encrypted transmission data and decrypts it with the corresponding private key to obtain the transmission data.
In a specific implementation, when the receiving end receives the encrypted transmission data sent by the sending end, it decrypts that data with a private key known to the information owner to obtain the corresponding transmission data.
Step S305: the receiving end authenticates the transmission data obtained by decryption; when authentication passes, it stores the transmission data and responds to the received transmission data.
In a specific implementation, the receiving end includes a plurality of service nodes; and the receiving end authenticates the transmission data obtained by decryption. Specifically, the receiving end randomly determines a plurality of service nodes participating in authentication, and judges whether the number of the service nodes participating in authentication meets a preset operation rule. In an embodiment of the present invention, the preset operation rule that the number of the service nodes participating in the authentication satisfies is:
Figure BDA0001723918780000101
wherein, N represents the total number of service nodes, D represents the number of service nodes participating in authentication, and F represents the number of uncertain service nodes.
Then, when it is determined that the number of service nodes participating in authentication satisfies the operation rule and the received transmission data is complete, the plurality of service nodes authenticate the transmission data; when it is determined that the plurality of service nodes pass the authentication of the transmission data, the transmission data is counted into an (N-F+1)th node. Authentication by the plurality of service nodes means that the transmission data is used by the plurality of service nodes; when it is determined that the pass rate of a single statistical result reaches a preset threshold, for example 51%, the plurality of service nodes pass authentication of the transmission data.
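The block chaining of steps S301 and S302 and the node vote of step S305, as an added example that is not code from the patent. It assumes the link between blocks is a SHA-256 digest over the previous block's attribute data and models a faulty service node as one that reports the opposite result; the function names, the sample records and the pinned `trusted_head` check are assumptions, and the public-key steps S303/S304 and the operation rule on the number of participating nodes are outside its scope.

```python
import hashlib
import json

PASS_THRESHOLD = 0.51   # example threshold given in the description
GENESIS = "0" * 64      # assumed back-link value for the first block

# Constructed sample: (time period, data transformation info, standardized record)
SAMPLE_RECORDS = [
    (1, "raw->electronic-record", "switch-7 port 3 up"),
    (2, "raw->electronic-record", "switch-7 port 3 rx 1200 pkts"),
    (3, "raw->electronic-record", "switch-7 port 3 down"),
]

def attribute_digest(block):
    """SHA-256 over a block's attribute data and back-link (assumed link format)."""
    fields = {k: block[k] for k in ("index", "period", "transform", "payload", "prev")}
    return hashlib.sha256(json.dumps(fields, sort_keys=True).encode()).hexdigest()

def build_chain(records):
    """S301/S302: one block per time period, each linked to the previous one."""
    chain, prev = [], GENESIS
    for index, (period, transform, payload) in enumerate(records):
        block = {"index": index, "period": period, "transform": transform,
                 "payload": payload, "prev": prev}
        block["digest"] = attribute_digest(block)
        chain.append(block)
        prev = block["digest"]
    return chain

def verify_chain(chain, trusted_head=None):
    """Receiver-side check: order, back-links and digests; optionally a pinned head."""
    prev, last_period = GENESIS, None
    for index, block in enumerate(chain):
        try:
            ok = (block["index"] == index and block["prev"] == prev
                  and block["digest"] == attribute_digest(block)
                  and (last_period is None or block["period"] > last_period))
        except (KeyError, TypeError):
            ok = False          # malformed block: reject rather than crash
        if not ok:
            return False
        prev, last_period = block["digest"], block["period"]
    # Without a pinned head, a chain rebuilt from scratch is self-consistent.
    return bool(chain) and (trusted_head is None or prev == trusted_head)

def authenticate(chain, node_ids, faulty=(), trusted_head=None,
                 threshold=PASS_THRESHOLD):
    """S305: each participating node checks the chain; accept on pass rate."""
    if not node_ids:
        return False, 0.0
    honest = verify_chain(chain, trusted_head)
    # Constructed fault model: a faulty node reports the opposite result.
    votes = [(not honest) if node in faulty else honest for node in node_ids]
    rate = sum(votes) / len(votes)
    return rate >= threshold, rate
```

Editing one block and recomputing only its own digest still fails verification, because the next block's back-link no longer matches; a chain rebuilt end to end passes unless the receiver compares the final digest with a head value it already holds.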
The embodiment of the invention also provides a computer-readable storage medium on which computer instructions are stored; when run, the computer instructions execute the steps of the software-defined cloud network trusted data distribution method. For details, refer to the description in the foregoing sections; they are not repeated here.
The embodiment of the invention also provides a terminal comprising a memory and a processor, wherein the memory stores computer instructions capable of running on the processor, and the processor executes the steps of the software-defined cloud network trusted data distribution method when running the computer instructions. For details, refer to the description in the foregoing sections; they are not repeated here.
With the scheme in the embodiment of the invention, the forwarding layer of the software-defined cloud network layer obtains the original network data generated by the network equipment and acquired by the infrastructure layer, converts it into standardized network data, and transmits the standardized network data to the control layer of the software-defined cloud network layer using the preset trusted data distribution method. The control layer then generates the corresponding control instruction from the received standardized network data and sends it to the application layer using the trusted data distribution method. Finally, the application layer responds to the received control instruction, generates the corresponding return result information, and sends the generated return result information to the software-defined cloud network layer using the trusted data distribution method. In this way, network congestion caused by mass data in the cloud network can be relieved, and the security and reliability of data transmission are improved.
Those skilled in the art will appreciate that all or part of the steps in the methods of the above embodiments may be implemented by a program instructing the relevant hardware; the program may be stored in a computer-readable storage medium, and the storage medium may include ROM, RAM, magnetic or optical disks, and the like.
Although the present invention is disclosed above, the present invention is not limited thereto. Various changes and modifications may be effected therein by one skilled in the art without departing from the spirit and scope of the invention as defined in the appended claims.

Claims (8)

1. A software-defined cloud network trusted data distribution method is characterized by comprising the following steps:
the infrastructure layer acquires original network data generated by the network equipment and sends the original network data to the software defined cloud network layer through a network data access interface;
a forwarding layer of the software-defined cloud network layer acquires the original network data, converts the acquired original network data into standardized network data in a preset format, and transmits the standardized network data to a control layer of the software-defined cloud network layer by adopting a preset trusted data distribution method; the control layer of the software defined cloud network layer generates a corresponding control instruction according to the received standardized network data, and sends the generated control instruction to the application layer by adopting the trusted data distribution method; when the forwarding layer and the control layer carry out data interaction, and when the control layer and the application layer carry out data interaction, one party sending data is used as a sending end, and one party receiving data is used as a receiving end; the trusted data distribution method comprises the following steps: the sending end divides the standardized network data into different data blocks; each data block includes data transformation information that occurs during its creation; linking each data block to the previous data block through corresponding attribute data according to the time sequence to form corresponding transmission data; encrypting the transmission data by adopting a public key to obtain encrypted transmission data and transmitting the encrypted transmission data to the receiving end; the receiving end receives the encrypted transmission data and decrypts the encrypted transmission data by adopting a corresponding private key to obtain the transmission data; authenticating the transmission data obtained by decryption; when the authentication is passed, storing the transmission data and responding to the received transmission data;
and the application layer responds to the received control instruction, generates corresponding return result information and sends the generated return result information to the software-defined cloud network layer by adopting the trusted data distribution method.
2. The trusted data distribution method for the software-defined cloud network according to claim 1, further comprising, after the transmission data is transmitted to the receiving end:
and the sending end stores data transformation information corresponding to the transmission data and the information of the transmission data.
3. The software defined cloud network trusted data distribution method of claim 1 or 2, wherein the receiving end comprises a plurality of service nodes; the receiving end authenticates the transmission data obtained by decryption, and the method comprises the following steps:
the receiving end randomly determines a plurality of service nodes participating in authentication and judges whether the number of the service nodes participating in authentication meets a preset operation rule or not;
authenticating, by the plurality of service nodes, the transmission data when it is determined that the number of service nodes participating in authentication satisfies the operation rule;
when the plurality of service nodes are determined to pass the authentication of the transmission data, counting the transmission data into an (N-F+1)th node; N represents the total number of service nodes, and F represents the number of uncertain service nodes.
4. The software-defined cloud network trusted data distribution method according to claim 3, wherein the operation rule is:
Figure FDA0002662409900000021
wherein D represents the number of service nodes participating in authentication.
5. The software-defined cloud network trusted data distribution method of claim 1, wherein said attribute data comprises full-text data, factual data, and numerical data of corresponding data blocks.
6. The software-defined cloud network trusted data distribution method of claim 1, wherein the standardized network data is network data in an electronic record format.
7. A computer readable storage medium having stored thereon computer instructions, wherein the computer instructions when executed perform the steps of the software defined cloud network trusted data distribution method of any one of claims 1 to 6.
8. A terminal, characterized by comprising a memory and a processor, wherein the memory stores computer instructions capable of running on the processor, and the processor executes the computer instructions to execute the steps of the software defined cloud network trusted data distribution method according to any one of claims 1 to 6.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810750076.4A CN109150829B (en) 2018-07-09 2018-07-09 Software-defined cloud network trusted data distribution method, readable storage medium and terminal

Publications (2)

Publication Number Publication Date
CN109150829A CN109150829A (en) 2019-01-04
CN109150829B true CN109150829B (en) 2020-12-29

Family

ID=64800244

Country Status (1)

Country Link
CN (1) CN109150829B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109831490B (en) * 2019-01-14 2020-09-25 中国联合网络通信集团有限公司 Edge cloud system based on cloud network integration and access method
CN111641592B (en) * 2020-05-08 2022-07-29 卓尔智联(武汉)研究院有限公司 Data transmission method and device based on middleware and computer equipment
CN112383393B (en) * 2020-11-14 2023-01-31 重庆邮电大学 Trusted communication system and method for software defined sensor network

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104954466A (en) * 2015-06-16 2015-09-30 南京邮电大学 Smart service system of Internet of things based on software definition
CN105453047A (en) * 2013-05-06 2016-03-30 康维达无线有限责任公司 Internet of things (IoT) adaptation services
CN106302254A (en) * 2016-07-29 2017-01-04 山东大学苏州研究院 A kind of internet of things data forwarding system based on SDN
CN107948129A (en) * 2017-10-16 2018-04-20 北京邮电大学 Internet of Things mist calculating network system and its control method based on SDN
CN108234211A (en) * 2017-12-30 2018-06-29 上海陆家嘴国际金融资产交易市场股份有限公司 Network control method, system and storage medium

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10965621B2 (en) * 2016-12-15 2021-03-30 At&T Intellectual Property I, L.P. Application-based multiple radio access technology and platform control using SDN

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
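Energy Management for EV Charging in Software-Defined Green Vehicle-to-Grid Network; Xiaoxuan Hu; IEEE Communications Magazine; 20180517; Vol. 56 (No. 5); full text *
Design and Implementation of an ICN-Based IoT Information Distribution Platform; Liu Wenchao; China Excellent Master's Theses Full-Text Database; 20180315 (No. 03); full text *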

Also Published As

Publication number Publication date
CN109150829A (en) 2019-01-04

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20190104

Assignee: Jiangsu Nanyou October Science Park Management Co.,Ltd.

Assignor: NANJING University OF POSTS AND TELECOMMUNICATIONS

Contract record no.: X2022980007683

Denomination of invention: Software defines cloud network trusted data distribution method, readable storage medium and terminal

Granted publication date: 20201229

License type: Common License

Record date: 20220613