CN115499168B - Network communication security control method and system - Google Patents

Network communication security control method and system

Info

Publication number: CN115499168B
Authority: CN (China)
Prior art keywords: network, node, trusted, network node, level
Legal status: Active (the legal status is an assumption and not a legal conclusion; Google has not performed a legal analysis)
Application number: CN202211008238.XA
Other languages: Chinese (zh)
Other versions: CN115499168A (en)
Inventors: 洪超, 匡晓云, 杨祎巍, 吕华辉, 杨航, 梁兆楷, 张宇南, 王辉鹏, 李攀登
Current assignee: CSG Electric Power Research Institute (the listed assignees may be inaccurate; Google has not performed a legal analysis)
Original assignee: CSG Electric Power Research Institute
Events: application filed by CSG Electric Power Research Institute; priority to CN202211008238.XA; publication of CN115499168A; application granted; publication of CN115499168B; legal status active; anticipated expiration

Classifications

    • H: Electricity; H04: Electric communication technique; H04L: Transmission of digital information, e.g. telegraphic communication
    • H04L63/00 Network architectures or network communication protocols for network security
        • H04L63/20 ... for managing network security; network security policies in general
        • H04L63/02 ... for separating internal from external traffic, e.g. firewalls
            • H04L63/0227 Filtering policies
            • H04L63/0263 Rule management
        • H04L63/10 ... for controlling access to devices or network resources
            • H04L63/101 Access control lists [ACL]
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
        • H04L41/12 Discovery or management of network topologies

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • General Business, Economics & Management (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention relates to a network communication security control method and system. The system comprises network nodes and communication links connecting them; the network nodes are at the same or different trust levels. Each network node is used for data storage and computation and has a control state and a non-control state; the dynamic setting of control nodes forms a security protection based on the network boundary. During security control the invention considers the trustworthiness of the network nodes and of their connection relationships simultaneously, creates a multi-level dynamic topological structure without changing the physical topology of the network, and ensures trustworthiness and security while making full use of network resources.

Description

Network communication security control method and system
[ Field of technology ]
The invention belongs to the technical field of network security, and particularly relates to a network communication security control method and system.
[ Background Art ]
A communication network is a huge and complex system that plays a vital role in social development today; once a communication network behaves abnormally, significant losses are incurred. For any computer network, ensuring information security is therefore the key issue to be solved first.
Trusted computing, which emerged alongside terminal security and network security, is a technical approach for fundamentally improving security in order to address the insecurity of computer and network architectures. Trusted computing innovates in logical correctness verification, computing architecture, computing mode and the like, so that logic defects cannot be exploited by attackers; attack and defense are treated as a unified whole, the logical composition that completes a computing task is guaranteed not to be tampered with or destroyed, and correct computing functions are realized. Research on trusted network connection technology has been carried out for decades; the Trusted Network Connect group established by the Trusted Computing Group has provided the TNC technical specifications for extending the trusted state of the terminal into the network, so that the chain of trust extends from the terminal to the network, and platform identity authentication and integrity verification based on a platform hardware module are added on top of traditional network access control based on identity authentication.
With the continuous expansion of network scale and the increasing complexity of application modes, the composition of network users has become extremely complex, and the Internet faces diversified security threats such as numerous vulnerabilities and low trustworthiness, so that the security and trustworthiness of network communication paths demand attention.
However, prior-art research on trusted applications in network communication security concentrates on the construction of trusted environments and trusted authentication modes for single nodes; research that reasonably designs the network topology on the basis of the basic topology in combination with trusted technology and thereby implements network boundary control, that is, research that comprehensively combines trust, dynamic topology and network communication security control, is lacking.
The invention considers the trustworthiness of the network nodes and of the connection relationships simultaneously during security control, creates a multi-level dynamic topological structure without changing the physical topological structure of the network, and ensures trustworthiness and security while making full use of network resources.
[ Invention ]
In order to solve the above-mentioned problems in the prior art, the present invention proposes a network communication security control method and system, the system comprising:
A network node and a communication link for connecting the network node; the network nodes are at the same or different trust levels; wherein: the network node is used for data storage and calculation; the network node has a control state and a non-control state; entering a control state when the network node has control right to become a control node; the control node performs network security control calculation and related data storage at the same time of data storage and calculation;
Further, the direct connection relation of the network node forms a basic communication diagram of the network node, and the reliability level is determined based on the meeting condition of the network node to the node reliability set and the meeting condition of the connection relation to the connection reliability set, so that a multi-level reliability communication diagram constructed based on the reliability level and the basic communication diagram is formed; the multi-level trusted communication graph corresponds to different trusted levels respectively, so that a network boundary range corresponding to the trusted levels is formed; forming a security protection based on a network boundary through dynamic setting of control nodes;
The method for determining the node trust level and the connection trust level based on the satisfaction condition of the network node to the node trust set and the satisfaction condition of the connection relation to the connection trust set specifically comprises the following steps:
Step SA1: setting or updating a node trusted set and a connection trusted set; the node trusted set comprises one or more trusted functions; the one or more trusted functions are relationship functions with respect to network node attributes; similarly, the connection trusted set contains one or more trusted functions; the one or more trusted functions are relationship functions regarding the properties of a connection link between two network nodes;
the node credible sets are multiple and respectively correspond to different credible grades; the connection trusted set is a plurality of connection trusted sets; respectively corresponding to different credibility levels;
Step SA2: calculating a node trust score PSC i,k of each network node i at a kth trust level; wherein: PSC i,k=∑kωvfk,v(attri,p);fk,v () is the v-th trust function in the k-th trust level; attr i,p is the p-th attribute of network node i; omega v is the weight of the v-th trusted function; f k,v () =1 when attr i,p is such that f k,v () is satisfied; otherwise, f k,v () =0;
Step SA3: calculating a connection reliability score LSC i_j,k of the network node i at a kth reliability level for a link i_j between each group of the network node i and the network node j;
Wherein: lv i and Lv j are respectively the trust levels of network node i; attr i_j,p is the p-th attribute of link i_j; the connection trust score LSC i_j,k is a directional score, LSC i_j is equal to or not equal to LSC j_i;
The dynamic setting of the control node forms the security protection based on the network boundary, which is as follows: each control node is used for carrying out safety protection on the network nodes within the network boundary range; each or each group of control nodes is used for carrying out security protection on the network nodes with one trust level; the control node performs trusted verification on ACL or firewall application of the network node based on a trusted verification technology, and protects the process and rule data of the ACL or firewall; and further, hierarchical network communication security control is realized between network boundaries or areas according to access control rules corresponding to access control strategies corresponding to different credible grades through ACL technology or firewall technology.
Further, the ordering of scores for different network nodes at different trust levels may be different or the same.
Further, the trusted function can perform trusted verification on the attribute value of each attribute and the relationship between the attribute values; the attributes come from various levels of hardware and software of the network node.
Further, the trusted platform is used for managing the trusted functions corresponding to each trusted level; the trusted platform is a third party network node independent of the control node and the network node.
Further, the node trusted set and the connection trusted set are next level compatible.
Further, the trust level corresponding to the corresponding interval is obtained by making interval multivalue on the trust score of the node as the trust level of the network node.
A network communication security control method based on the network communication security control system comprises:
Step S1: determining the trust level of the data packet;
Step S2: creating the data packet at a network node;
Step S3: determining the next communication network node to send to based on the trust level of the data packet;
Step S4: the current network node sends the data packet to the next communication network node; the next communication network node receives the data packet and judges whether it is the target network node; if so, the communication ends; otherwise, return to step S3.
A processor for running a program, wherein the program, when run, executes the network communication security control method.
A computer-readable storage medium comprising a program which, when run on a computer, causes the computer to execute the network communication security control method.
The beneficial effects of the invention include:
(1) A layered dynamic network boundary range is formed based on trust level; the trust condition of the network nodes and the trust condition of the connection relations are considered simultaneously during security control, a multi-level dynamic topological structure is created without changing the physical topological structure of the network, and the topological structure is directional;
(2) A transmission path set starting from the optimal transmission path is constructed on the basis of the basic communication graph, quantitative trusted control is performed on the basis of the transmission path set and the layered communication graph, a multi-layer dynamic topological structure is created while providing good compatibility with the existing network structure, and trustworthiness and security are guaranteed while making full use of network resources;
(3) Network boundary security protection based on trust level is formed by the dynamic setting of control nodes; the directional random transfer of control nodes is set dynamically according to the access control rules of the access control strategies corresponding to the different trust levels between network boundaries or areas, which increases the difficulty of attacking the network boundary;
(4) Different level compatibility directions are formed for different control purposes, and, provided the control purpose is met, the communication propagation range is maximized while quantized security control based on trust level is realized.
[ Description of the drawings ]
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this specification, illustrate the application and together with the description serve to explain it:
Fig. 1 is a schematic diagram of a network communication security control method according to the present invention.
[ Detailed description of the invention ]
The present invention will now be described in detail with reference to the drawings and the specific embodiments thereof, wherein the exemplary embodiments and the description are for the purpose of illustrating the invention only and are not to be construed as limiting it;
The network communication security control system includes: network nodes and communication links connecting the network nodes; wherein: the network node is used for data storage and computation; the network node has a control state and a non-control state; a network node enters the control state and becomes a control node when it holds the control right; the control node performs network security control computation and stores the related data while also performing its ordinary data storage and computation; as shown in fig. 1, the network nodes are connected through communication links, and each network node is at the same or a different trust level, shown in different gray scales in the figure; the higher the trust level, the more complex the trusted control mechanism of the network node, the better its trusted environment and the higher the reliability that can be obtained, and vice versa;
Preferably: the control right for network security is transferred dynamically; that is, a network node may remain a control node because it retains the control right, or become a normal network node in the non-control state because it loses the control right, and a normal network node becomes a control node dynamically once it meets the control right acquisition conditions; after becoming a control node, the network node still carries out its basic storage and computation tasks;
The direct connection relations of the network nodes form the basic communication graph of the network nodes, and trust levels are determined from the degree to which the network nodes satisfy the node trusted set and the degree to which the connection relations satisfy the connection trusted set, so that a multi-level trusted communication graph constructed from the trust levels and the basic communication graph is formed; the level graphs of the multi-level trusted communication graph correspond to the different trust levels, so that a network boundary range corresponding to each trust level is formed; the invention considers the trustworthiness of the network nodes and of the connection relationships simultaneously during security control, creates a multi-level dynamic topological structure without changing the physical topology of the network, and ensures trustworthiness and security while making full use of network resources;
The control node stores the node trusted set and the connection trusted set; the node trusted set includes the trusted functions for determining the network node trust level; the connection trusted set includes the trusted functions for determining the connection relation trust level;
Preferably: the node trusted sets and connection trusted sets of all trust levels are stored in a trusted platform for centralized management; this approach is relatively simple, but security is reduced;
Alternatively: each control node stores the node trusted set and the connection trusted set corresponding to its trust level; one trust level corresponds to one control node or one group of control nodes; security protection based on the network boundary is formed through the dynamic setting of control nodes; because the node trusted set and the connection trusted set are stored only in the control nodes, the range of nodes that must reach consensus on the set contents is reduced; the control nodes may synchronize the contents of the two sets in a number of ways, for example the control nodes together form a blockchain and synchronize the contents through a consensus mechanism;
Preferably: the control node periodically calculates the node trust levels and the connection trust levels and sends them to the corresponding network nodes;
Alternatively: when a network node transmits or forwards a data packet, the node trust level and the connection trust level are calculated by requesting the control node, and the calculation takes place locally or at the control node; when the calculation takes place at the control node, the control node obtains the data required for the calculation from the request and sends the result to the requesting node; when the calculation takes place locally, the control node sends the trusted sets to the requesting node;
The dynamic setting of control nodes forms the security protection based on the network boundary as follows: each control node performs security protection on the network nodes within its network boundary range; each control node, or each group of control nodes, performs security protection on the network nodes of one trust level; the control node performs trusted verification of the ACL or firewall application of the network node based on trusted verification technology and protects the ACL or firewall process and rule data; furthermore, hierarchical network communication security control between network boundaries or areas is realized through ACL technology or firewall technology according to the access control rules of the access control strategies corresponding to the different trust levels;
Preferably: each control node, or each group of control nodes, performs security protection on the network nodes of one or more trust levels; wherein the one or more trust levels are all lower than the one trust level corresponding to the control node; the control node performs trusted control in a downward compatible manner, and since the control node has its own corresponding trusted mechanism for access control, its trustworthiness is not reduced by downward compatibility; for example, a control node at trust level 5 can provide trusted control for trust levels 1-4; levels 1-4 are lower than level 5, but the internal trusted control mechanism of the control node can provide access control with the corresponding trusted control mechanism for level 1-4 processes; data access from level 1-4 nodes to a level 5 control node is still possible, and it is controlled in a trusted manner through the level 5 trusted control mechanism without an untrusted situation arising; of course, the upward or downward compatible mode may be selected according to the requirements of the security environment;
Determining the node trust level and the connection trust level from the satisfaction of the node trusted set by the network nodes and the satisfaction of the connection trusted set by the connection relations specifically comprises the following steps:
Step SA1: setting or updating the node trusted set and the connection trusted set; the node trusted set comprises one or more trusted functions, which are relational functions over network node attributes; similarly, the connection trusted set comprises one or more trusted functions, which are relational functions over the attributes of the connection link between two network nodes;
There are multiple node trusted sets, respectively corresponding to different trust levels; likewise there are multiple connection trusted sets, respectively corresponding to different trust levels; the node trusted set and the connection trusted set are dynamic sets that change with the trusted environment and the trusted constraints; the trusted environment is the trust condition of the network communication environment, and the trusted constraints are constraints on the trust judgement; therefore, dynamic security control can be realized simply and effectively through the dynamic change of the sets;
Step SA2: calculating the node trust score $PSC_{i,k}$ of each network node $i$ at the $k$-th trust level, where $PSC_{i,k} = \sum_{v} \omega_v \, f_{k,v}(attr_{i,p})$; $f_{k,v}()$ is the $v$-th trusted function of the $k$-th trust level; $attr_{i,p}$ is the $p$-th attribute of network node $i$; $\omega_v$ is the weight of the $v$-th trusted function; $f_{k,v}() = 1$ when $attr_{i,p}$ satisfies $f_{k,v}()$, otherwise $f_{k,v}() = 0$; the ordering of the scores of different network nodes may differ or coincide between trust levels, that is, different trust levels need not rank the network nodes consistently; different trusted functions involve the same or different numbers and types of attributes, that is, the trusted functions are independent of one another;
Preferably: the $p$-th attribute $attr_{i,p}$ of network node $i$ is one or more of: trusted encryption mode, storage security mode, trusted mode, operating system type, computing frequency, storage medium type, proprietary protocol, digital signature hierarchy, etc.; the trusted function can perform trusted verification of the relationships between the attribute values; the attributes come from every level of the software and hardware of the network node;
Preferably: a trusted platform manages the trusted functions corresponding to each trust level; the trusted platform is a third party independent of the control nodes and the network nodes; management includes storage, updating, distribution, etc.;
Preferably: the node trusted set and the connection trusted set are compatible with the next level down, that is, when the trusted functions of the node trusted set at the current level are satisfied, the corresponding trusted functions of the next level down are also satisfied;
Preferably: the node trust score is quantized into intervals and the trust level corresponding to the interval it falls in is taken as the trust level of the network node; the intervals used for quantization are a preset interval setting;
Step SA3: calculating, for the link $i\_j$ between each pair of network nodes $i$ and $j$, the connection trust score $LSC_{i\_j,k}$ of network node $i$ at the $k$-th trust level;
wherein $Lv_i$ and $Lv_j$ are the trust levels of network nodes $i$ and $j$ respectively; $attr_{i\_j,p}$ is the $p$-th attribute of link $i\_j$; the connection trust score $LSC_{i\_j,k}$ is directional, that is, $LSC_{i\_j}$ may or may not equal $LSC_{j\_i}$; after the connection trustworthiness is quantitatively evaluated, the direct communication path between two network nodes may be rejected because its connection trust score does not meet the trust constraint, while an indirect communication path may be selected because its connection trust scores do; communication between network nodes of different trust levels also falls into different trust levels depending on the communication direction, and through the introduction of trust scores the security control of a bidirectional communication link becomes directed communication security control; communication from a node with a low trust level to a node with a high trust level lowers the trust level of the link;
Preferably: the connection trust score is quantized into intervals and the trust level corresponding to the interval it falls in is taken as the trust level of the communication link; the intervals used for quantization are a preset interval setting;
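The scoring in steps SA2 and SA3 (both the summary above and the detailed version here), as an added worked example that is not the patent's own code. The node score follows the page's formula $PSC_{i,k} = \sum_v \omega_v f_{k,v}(attr_{i,p})$ with each trusted function a predicate over node attributes; the interval quantization ("interval multivalue") is modelled as a preset lower bound per level. The page does not write out the $LSC_{i\_j,k}$ formula, so the link score used here is an assumption that only reproduces the stated properties: it depends on $Lv_i$, $Lv_j$ and the link attributes, it is directional, and it drops when a lower-level node sends to a higher-level node. All trusted sets, weights, thresholds and node and link attributes are constructed sample data.

```python
"""Node and connection trust scoring (steps SA2/SA3) on constructed data."""
from typing import Callable, Dict, List, Tuple

Attrs = Dict[str, object]
WeightedFn = Tuple[float, Callable[[Attrs], bool]]  # (omega_v, f_{k,v})

# Constructed node trusted sets: level k -> [(omega_v, f_{k,v}), ...].
# Each level repeats the lower level's functions and adds stricter ones,
# which gives the "compatible with the next level down" property.
NODE_TRUSTED_SETS: Dict[int, List[WeightedFn]] = {
    1: [(1.0, lambda a: a.get("os") in ("linux", "rtos"))],
    2: [(1.0, lambda a: a.get("os") in ("linux", "rtos")),
        (1.0, lambda a: a.get("signature_levels", 0) >= 1)],
    3: [(1.0, lambda a: a.get("os") in ("linux", "rtos")),
        (1.0, lambda a: a.get("signature_levels", 0) >= 2),
        (2.0, lambda a: a.get("encryption") == "trusted")],
}
# Constructed connection trusted sets over link attributes attr_{i_j,p}.
CONN_TRUSTED_SETS: Dict[int, List[WeightedFn]] = {
    1: [(1.0, lambda a: a.get("protocol") in ("tls", "proprietary"))],
    2: [(1.0, lambda a: a.get("protocol") in ("tls", "proprietary")),
        (1.0, lambda a: bool(a.get("signed")))],
    3: [(1.0, lambda a: a.get("protocol") == "proprietary"),
        (1.0, lambda a: bool(a.get("signed"))),
        (1.0, lambda a: a.get("latency_ms", 10 ** 6) < 10)],
}
# Preset interval setting: a node or link reaches level k when its level-k
# score is at least this lower bound (constructed values).
NODE_THRESHOLDS: Dict[int, float] = {1: 1.0, 2: 2.0, 3: 4.0}
CONN_THRESHOLDS: Dict[int, float] = {1: 1.0, 2: 2.0, 3: 3.0}
UPHILL_PENALTY = 1.0  # assumed score drop per level when sending from low to high trust


def weighted_score(attrs: Attrs, trusted_set: List[WeightedFn]) -> float:
    """sum_v omega_v * f_v(attrs), where f_v is 1 when satisfied and 0 otherwise."""
    return sum(w for w, f in trusted_set if f(attrs))


def node_trust_score(attrs: Attrs, k: int) -> float:
    """PSC_{i,k}: score of a node with attributes `attrs` at trust level k."""
    return weighted_score(attrs, NODE_TRUSTED_SETS[k])


def quantize_level(scores: Dict[int, float], thresholds: Dict[int, float]) -> int:
    """Interval quantization: the highest level whose score reaches its preset
    lower bound; 0 when no level is reached."""
    reached = [k for k, t in thresholds.items() if scores.get(k, 0.0) >= t]
    return max(reached, default=0)


def node_trust_level(attrs: Attrs) -> int:
    """Lv_i obtained by quantizing PSC_{i,k} over every level k."""
    scores = {k: node_trust_score(attrs, k) for k in NODE_TRUSTED_SETS}
    return quantize_level(scores, NODE_THRESHOLDS)


def link_trust_score(lv_i: int, lv_j: int, link_attrs: Attrs, k: int) -> float:
    """LSC_{i_j,k} for the directed link i -> j (assumed form).
    Sending uphill (lv_i < lv_j) is penalized, so LSC_{i_j,k} and LSC_{j_i,k}
    generally differ: the score is directional."""
    base = weighted_score(link_attrs, CONN_TRUSTED_SETS[k])
    if lv_i < lv_j:
        base -= UPHILL_PENALTY * (lv_j - lv_i)
    return max(base, 0.0)


def link_trust_level(lv_i: int, lv_j: int, link_attrs: Attrs) -> int:
    """Connection trust level of the directed link i -> j."""
    scores = {k: link_trust_score(lv_i, lv_j, link_attrs, k) for k in CONN_TRUSTED_SETS}
    return quantize_level(scores, CONN_THRESHOLDS)


# Constructed sample nodes and one physical link A-B.
NODES: Dict[str, Attrs] = {
    "A": {"os": "linux", "signature_levels": 2, "encryption": "trusted"},
    "B": {"os": "linux", "signature_levels": 1, "encryption": "none"},
    "C": {"os": "windows", "signature_levels": 0},
}
LINK_AB: Attrs = {"protocol": "tls", "signed": True, "latency_ms": 5}


def demo():
    """Node levels, then the link level in each direction of A-B."""
    lv = {n: node_trust_level(a) for n, a in NODES.items()}
    return lv, link_trust_level(lv["A"], lv["B"], LINK_AB), link_trust_level(lv["B"], lv["A"], LINK_AB)


if __name__ == "__main__":
    print(demo())
```

With these constructed sets, A reaches level 3 and B level 2, and the same physical link is level 2 in the A to B direction but level 0 from B to A, which is the directional, low-to-high degradation the description attributes to the connection score.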
The construction of the multi-level trusted communication graph from the trust levels and the basic communication graph comprises: determining the level connectivity graph of each trust level in turn; for the current trust level, selecting on the basis of the basic connectivity graph the network nodes whose trust level is greater than or equal to, equal to, or less than or equal to the current trust level, and building the level connectivity graph of the current trust level from the selected network nodes and the edges between them that have connection relations in the basic connectivity graph; the level connectivity graphs of all trust levels together form the multi-level trusted communication graph;
Alternatively: the construction of the multi-level trusted communication graph from the trust levels and the basic communication graph comprises: determining the level connectivity graph of each trust level; for the current trust level, selecting on the basis of the basic connectivity graph the network nodes whose trust level is greater than or equal to, equal to, or less than or equal to the current trust level, determining the selected network nodes and the edges between them in the basic connectivity graph, and calculating the bidirectional connection trust scores of those edges; quantizing the bidirectional connection trust scores into intervals to obtain connection trust levels; selecting, on the basis of the basic connectivity graph, the edges of the communication links whose connection trust level is greater than or equal to, equal to, or less than or equal to the current trust level; the selected network nodes and edges form the level connectivity graph of the current trust level;
Preferably, the selection mode (greater than or equal to, equal to, or less than or equal to) is determined by the control target: when the control target is communication efficiency, the selection mode is less than or equal to; when the control target is security, the selection mode is greater than or equal to; when the control target is balanced, the selection mode is equal to; different level compatibility directions are thus formed for different control purposes, and, provided the control purpose is met, the communication transmission range is maximized while quantitative security control based on trust level is realized, which enlarges the trusted control boundary;
Preferably: with a static control mechanism, the level trusted connectivity graph of the corresponding level in the multi-level trusted communication graph, together with the basic connectivity graph, is stored in the control node associated with that trust level; with a dynamic control mechanism, the multi-level trusted communication graph is generated dynamically and computed in real time while the data packet is being communicated, and the information needed to compute the basic connectivity graph is stored in each network node;
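The two graph constructions just described, together with the next-hop selection of steps S1 to S4 in the method summary, as an added example that is not the patent's own code. It keeps network nodes whose trust level passes the comparison chosen for the control target (communication efficiency: less than or equal to; security: greater than or equal to; balanced: equal to) and, in the second construction, also drops each direction of a link whose connection trust level fails the same comparison, so the level graph becomes directed. A packet of a given trust level is then forwarded hop by hop inside that level's graph. Topology, node levels and directional link levels are constructed sample data, and routing by BFS shortest path inside the level graph is an assumed choice the page does not specify.

```python
"""Multi-level trusted communication graph and per-level packet forwarding."""
from collections import deque
from typing import Dict, List, Optional, Tuple

Edge = Tuple[str, str]

MODE_FOR_TARGET = {"efficiency": "<=", "security": ">=", "balanced": "=="}
COMPARE = {
    "<=": lambda level, current: level <= current,
    ">=": lambda level, current: level >= current,
    "==": lambda level, current: level == current,
}

# Constructed basic communication graph: bidirectional physical links.
BASIC_EDGES: List[Edge] = [("A", "B"), ("B", "C"), ("C", "D"),
                           ("A", "D"), ("A", "F"), ("F", "D")]
NODE_LEVEL: Dict[str, int] = {"A": 3, "B": 2, "C": 1, "D": 3, "F": 3}
# Constructed directional connection trust levels (quantized LSC values).
# A-D is a weak direct link between two high-level nodes.
LINK_LEVEL: Dict[Edge, int] = {
    ("A", "B"): 2, ("B", "A"): 1, ("B", "C"): 1, ("C", "B"): 1,
    ("C", "D"): 1, ("D", "C"): 1, ("A", "D"): 1, ("D", "A"): 1,
    ("A", "F"): 3, ("F", "A"): 3, ("F", "D"): 3, ("D", "F"): 3,
}


def level_graph(current_level: int, control_target: str,
                filter_edges: bool = True) -> Dict[str, List[str]]:
    """Level connectivity graph of one trust level as a directed adjacency.

    Nodes are kept when their level passes the comparison for the control
    target (first construction). With filter_edges=True each direction of a
    physical link is kept only when its connection trust level passes the same
    comparison (second construction)."""
    keep = COMPARE[MODE_FOR_TARGET[control_target]]
    nodes = {n for n, lv in NODE_LEVEL.items() if keep(lv, current_level)}
    adj: Dict[str, List[str]] = {n: [] for n in nodes}
    for u, v in BASIC_EDGES:
        for a, b in ((u, v), (v, u)):
            if a not in nodes or b not in nodes:
                continue
            if filter_edges and not keep(LINK_LEVEL[(a, b)], current_level):
                continue
            adj[a].append(b)
    return adj


def multilevel_graph(control_target: str, filter_edges: bool = True):
    """All level graphs together: the multi-level trusted communication graph."""
    return {k: level_graph(k, control_target, filter_edges)
            for k in sorted(set(NODE_LEVEL.values()))}


def shortest_path(adj: Dict[str, List[str]], src: str, dst: str) -> Optional[List[str]]:
    """BFS route inside one level graph; None when dst is outside the boundary."""
    parent: Dict[str, Optional[str]] = {src: None}
    queue = deque([src])
    while queue:
        u = queue.popleft()
        if u == dst:
            path = []
            while u is not None:
                path.append(u)
                u = parent[u]
            return path[::-1]
        for v in adj.get(u, []):
            if v not in parent:
                parent[v] = u
                queue.append(v)
    return None


def next_hop(src: str, dst: str, packet_level: int, control_target: str,
             filter_edges: bool = True) -> Optional[str]:
    """Step S3: next communication node for a packet of the given trust level."""
    adj = level_graph(packet_level, control_target, filter_edges)
    if src not in adj:
        return None
    path = shortest_path(adj, src, dst)
    return path[1] if path and len(path) > 1 else None


def forward(src: str, dst: str, packet_level: int, control_target: str,
            filter_edges: bool = True) -> Optional[List[str]]:
    """Steps S3-S4 repeated until the target is reached; None when no node
    inside the boundary can reach it."""
    route = [src]
    while route[-1] != dst:
        nxt = next_hop(route[-1], dst, packet_level, control_target, filter_edges)
        if nxt is None:
            return None
        route.append(nxt)
    return route


if __name__ == "__main__":
    # A level-3 packet from A to D bypasses the weak direct link via F.
    print(forward("A", "D", 3, "security"))
```

The two constructions differ visibly on the sample: with nodes only, a level-3 packet goes A to D over the weak direct link; with link filtering, the direct edge is excluded from the level-3 boundary and the route becomes A, F, D, which is the "indirect path selected because the direct path fails the trust constraint" case in step SA3.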
A network node enters the control state and becomes a control node when it holds the control right; specifically this comprises the following steps:
Step SB1: a control right transfer signal is triggered when the node trusted set and/or the connection trusted set corresponding to a trust level changes; at this time it is possible that the control right of one trust level is transferred while the control right of another trust level is not;
Preferably: the change is a quantized change, for example: modifying, updating, deleting or adding key trusted functions, and/or changing more than a preset number of trusted functions in the set;
Preferably: the node trust levels and connection trust levels are updated dynamically when the trusted environment and/or the trusted constraints change; changes in the trusted environment and the trusted constraints are monitored periodically; the node trusted set and the connection trusted set are dynamic sets that change with the trusted environment and the trusted constraints;
Alternatively: the control right transfer signal is triggered periodically;
Step SB2: after receiving the control right transfer signal, the control node recalculates its own node trust level and judges whether its node trust level has changed or been reduced; if so, the next step is entered; otherwise the control right is not transferred;
Preferably: the transfer of control right may be a transfer with an increase, a decrease, or no change in number;
Alternatively: the next step is entered when the node trust level of the control node is judged to be lower than the trust level threshold; the trust level threshold is a preset value corresponding to the respective trust level;
Step SB3: taking the control node as the center, the basic communication graph is searched with a dynamic step length; whether a network node in the non-control state whose node trust level is greater than or equal to that of the control node exists within the dynamic step range is judged, and if so, the control right is transferred to that network node; if not, the dynamic step length is increased and step SB3 is executed again; the control right transfer mechanism based on trust level increases the randomness of the control right transfer;
Preferably: before the transfer, whether a transmission path meeting the security requirement exists between the control node and the target node is judged, and if it exists the transfer is carried out over that path; in a transmission path meeting the security requirement, the node trust level of every network node on the path and the connection trust level of every communication link between them are greater than or equal to the current trust level;
Preferably: the node trusted set and the connection trusted set are transferred together with the control right;
Preferably: while the node trusted set and the connection trusted set are being transferred, a notification message is sent to the network nodes of the trust level corresponding to the control right; alternatively, when an access request is sent to the previous control node, the previous control node sends a redirection request to the current control node, and the routing information of the network node is updated based on the redirection information;
Preferably: when a static control mechanism is adopted and control right transfer occurs, the multi-level trusted communication graph and the basic communication graph are transferred together with the control right;
Preferably: the control right transfer is based on broadcast and consensus mechanism transfer; the control nodes are the same block chain nodes; further, the block chains are multiple, the control nodes with the same trust level belong to the same block chain, and the control nodes with different trust levels belong to different block chains;
Alternatively, the following is used: the control node sends a control right transfer message to other control nodes to transfer the control right;
Preferably: when a plurality of network nodes of non-control nodes with the node reliability level larger than that of the control node exist, selecting one or more network nodes with the lowest network reliability level and the lowest load as transfer objects; that is, the number of control nodes can be increased in this way; that is, the transfer of control may be an incremental transfer; when no network node exists, the control right is transferred out but not transferred in; that is, the transfer of control may be a subtractive transfer; the control node loses control right to become a common network node;
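The hand-over of steps SB2 and SB3, together with the safe-path and lowest-level, lowest-load preferences above, as an added Python example that is not code from the patent or its assignee. The graph, node trust levels, directional link trust levels and loads are constructed; two further points are assumptions: the departing control node is not itself required to meet the level on its own transfer path, and when several nodes tie on level and load all of them are returned (an incremental transfer).

```python
from collections import deque

# Constructed basic connectivity graph (undirected direct connections).
BASIC_GRAPH = {
    "A": {"B", "C"}, "B": {"A", "D"}, "C": {"A", "D", "E"},
    "D": {"B", "C", "F"}, "E": {"C", "F"}, "F": {"D", "E"},
}
# Constructed node trust levels (higher = more trusted) and current loads.
NODE_LEVEL = {"A": 2, "B": 1, "C": 3, "D": 2, "E": 3, "F": 3}
NODE_LOAD = {"A": 5, "B": 2, "C": 7, "D": 1, "E": 3, "F": 3}
# Constructed connection trust levels; directional, since LSC_i_j need not equal LSC_j_i.
LINK_LEVEL = {
    ("A", "B"): 1, ("B", "A"): 1, ("A", "C"): 3, ("C", "A"): 2,
    ("B", "D"): 2, ("D", "B"): 2, ("C", "D"): 3, ("D", "C"): 3,
    ("C", "E"): 3, ("E", "C"): 3, ("D", "F"): 3, ("F", "D"): 2,
    ("E", "F"): 3, ("F", "E"): 3,
}


def should_transfer(old_level, new_level, threshold=None):
    """Step SB2: after the transfer signal the control node recalculates its node trust
    level and hands over when it changed (main rule) or, in the alternative, when it is
    below the preset threshold of the trust level it controls."""
    if threshold is not None:
        return new_level < threshold
    return new_level != old_level


def hop_distances(graph, center):
    """Breadth-first hop distance from the control node to every reachable node."""
    dist = {center: 0}
    queue = deque([center])
    while queue:
        u = queue.popleft()
        for v in graph[u]:
            if v not in dist:
                dist[v] = dist[u] + 1
                queue.append(v)
    return dist


def safe_path_exists(graph, src, dst, level, node_level, link_level):
    """Transfer-path check: some path src -> dst on which every node (the departing
    control node excepted, an assumption) and every directed link is at >= level."""
    seen = {src}
    queue = deque([src])
    while queue:
        u = queue.popleft()
        if u == dst:
            return True
        for v in graph[u]:
            if v in seen:
                continue
            if node_level[v] >= level and link_level.get((u, v), 0) >= level:
                seen.add(v)
                queue.append(v)
    return False


def find_transfer_targets(graph, control, current_level, controlled,
                          node_level=NODE_LEVEL, node_load=NODE_LOAD,
                          link_level=LINK_LEVEL, step=1):
    """Step SB3: search outwards from the control node with a growing step length for
    non-control nodes whose node trust level is >= the control node's and that are
    reachable over a safe path; among them take the lowest-level, lowest-load node(s).
    Returns the target list; [] means the control right is released (subtractive)."""
    dist = hop_distances(graph, control)
    max_step = max(dist.values())
    my_level = node_level[control]
    while step <= max_step:
        candidates = [
            n for n, d in dist.items()
            if 0 < d <= step and n not in controlled
            and node_level[n] >= my_level
            and safe_path_exists(graph, control, n, current_level, node_level, link_level)
        ]
        if candidates:
            best = min((node_level[n], node_load[n]) for n in candidates)
            return sorted(n for n in candidates if (node_level[n], node_load[n]) == best)
        step += 1  # nothing inside the range: widen the dynamic step and re-run SB3
    return []
```

With the constructed data, control node B (level 1, controlling level 2) finds both A and D within one hop but hands over to D, the lighter-loaded of the two; A is still reachable over a safe path only because the direct link B-A (level 1) is avoided in favour of B-D-C-A. Control node F with D and E already controlling needs a step length of 2 before C qualifies, and a control node surrounded only by other control nodes releases its right (empty list).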
Based on the same inventive concept, as shown in Fig. 1, the invention provides a network communication security control method comprising the following steps:
Step S1: determining the data packet trust level bk; specifically: in response to a data transmission request, the trust requirement of the data transmission is obtained and the data packet trust level bk adapted to that requirement is determined from it;
Step S2: creating a data packet at a network node; specifically: in response to the data transmission request, the data packet trust level bk corresponding to the trust requirement of the data transmission is obtained, the encryption mode corresponding to that trust level is obtained and the data is encrypted with it; the data packet is created from the encrypted data and identifies the sending network node and the destination network node; the data transmitted over the network is encrypted and decrypted securely, with cryptographic verification, on the basis of trusted computing technologies such as key generation and cryptographic algorithms;
Step S3: determining the next communication network node on the basis of the data packet trust level and sending the data packet to it; specifically: the next communication network node is determined on the basis of the node trust level and the link trust level, and the data packet is transmitted;
Step S3 specifically comprises the following steps:
Step S31: determining the set of transmission paths from the current network node to the destination network node by means of the basic connectivity graph; the transmission paths in the set are the optimal transmission paths determined on the basic connectivity graph; when this step is re-entered the transmission path set is enlarged, the preset range growing with the number of re-entries; enlarging the transmission path set means admitting transmission paths whose communication overhead lies within the preset range, where the communication overhead is one or more of path length, trust and the like;
Preferably: there are one or more optimal transmission paths;
Step S32: obtaining, from the transmission paths, the network nodes j directly connected to the current network node i, each forming a link i_j;
Step S33: calculating the connection trust score LSC_{i_j,k} between network node i and network node j at the current trust level tbk (k = tbk); the initial value of the current trust level tbk is the data packet trust level;
Step S34: the links whose connection trust level (the trust level corresponding to the connection trust score) equals the data packet trust level are determined as candidate links; if there is no candidate link, the current trust level is increased, tbk = tbk + 1, and it is judged whether the increased current trust level exceeds the highest trust level; if so, return to step S31 and enlarge the transmission path set, otherwise go to step S33;
Alternatively: the links whose connection trust level, corresponding to the connection trust score, is greater than the data packet trust level and whose network node j has a node trust level greater than the data packet trust level are determined as candidate links;
Step S35: selecting, from the candidate links, the network node j with the lightest load as the next communication network node;
Step S4: the current network node sends the data packet to the next communication network node; the next communication network node receives the data packet and judges whether it is itself the destination network node; if so, the communication ends; otherwise, return to step S3;
That is, a transmission path set starting from the optimal transmission paths is constructed on the basis of the basic connectivity graph, quantitative trusted control is performed on the basis of the transmission path set and the hierarchical connectivity graph, a multi-level dynamic topology is created while remaining compatible with the existing network structure, and reliability and security are ensured while network resources are fully utilized;
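Steps S31 to S35 and the forwarding loop of step S4, as an added Python example rather than the patent's own code. The connectivity graph, loads and directional connection trust levels are constructed. Several points are assumptions: path overhead is measured in hops; a candidate link is one whose connection trust level equals the current trust level tbk (the page's equality rule, with tbk standing in for bk once tbk has been raised); tbk restarts from bk after the path set is enlarged; and route_packet caps the hop count. The alternative "greater than" rule is not implemented.

```python
# Constructed basic connectivity graph (undirected direct connections).
BASIC_GRAPH = {
    "S": {"W", "X", "Y", "Z"}, "W": {"S", "T"}, "X": {"S", "T"},
    "Y": {"S", "T", "Z"}, "Z": {"S", "Y"}, "T": {"W", "X", "Y"},
}
MAX_LEVEL = 3                                   # highest trust level of the constructed network
NODE_LOAD = {"S": 1, "W": 2, "X": 3, "Y": 4, "Z": 1, "T": 0}
# Constructed connection trust levels of the directed links (the level derived from LSC_i_j,k).
LINK_LEVEL = {
    ("S", "X"): 1, ("X", "S"): 1, ("X", "T"): 2, ("T", "X"): 2,
    ("S", "Y"): 3, ("Y", "S"): 3, ("Y", "T"): 3, ("T", "Y"): 3,
    ("S", "Z"): 2, ("Z", "S"): 3, ("Z", "Y"): 2, ("Y", "Z"): 2,
    ("S", "W"): 3, ("W", "S"): 3, ("W", "T"): 3, ("T", "W"): 3,
}


def simple_paths(graph, src, dst, max_hops):
    """All loop-free paths src -> dst with at most max_hops hops (DFS; fine for a small graph)."""
    found = []

    def dfs(node, path):
        if node == dst:
            found.append(list(path))
            return
        if len(path) - 1 >= max_hops:
            return
        for nxt in sorted(graph[node]):
            if nxt not in path:
                path.append(nxt)
                dfs(nxt, path)
                path.pop()

    dfs(src, [src])
    return found


def path_set(graph, src, dst, reentry):
    """Step S31: the optimal (here: fewest hops) paths on the basic connectivity graph;
    every re-entry widens the admissible overhead by one hop."""
    paths = simple_paths(graph, src, dst, len(graph))
    if not paths:
        return []
    best = min(len(p) - 1 for p in paths)
    return [p for p in paths if len(p) - 1 <= best + reentry]


def next_hop(graph, cur, dst, bk, node_load=NODE_LOAD, link_level=LINK_LEVEL,
             max_level=MAX_LEVEL):
    """Steps S31-S35 for one hop; returns the next node or raises when none is admissible."""
    for reentry in range(len(graph) + 1):          # S31, enlarged on each re-entry
        paths = path_set(graph, cur, dst, reentry)
        if not paths:
            break
        tbk = bk                                    # S33: current trust level starts at bk
        while tbk <= max_level:
            # S32/S34: first links of the paths whose connection trust level equals tbk
            candidates = {p[1] for p in paths if link_level.get((cur, p[1]), 0) == tbk}
            if candidates:
                return min(candidates, key=lambda n: (node_load[n], n))  # S35: lightest load
            tbk += 1                                # S34: no candidate, raise the current level
        # S34: tbk exceeded the highest level -> back to S31 with a wider path set
    raise ValueError(f"no admissible next hop from {cur} to {dst} at packet level {bk}")


def has_next_hop(graph, cur, dst, bk, **kwargs):
    """True when step S3 can pick a next node for this packet level from cur."""
    try:
        next_hop(graph, cur, dst, bk, **kwargs)
        return True
    except ValueError:
        return False


def route_packet(graph, src, dst, bk, **kwargs):
    """Step S4: forward hop by hop until the receiving node is the destination. The hop cap
    is an added safeguard (assumption) so a bad trust topology cannot forward for ever."""
    route = [src]
    while route[-1] != dst:
        if len(route) > len(graph):
            raise RuntimeError("hop limit exceeded")
        route.append(next_hop(graph, route[-1], dst, bk, **kwargs))
    return route
```

On the constructed data a level-2 packet from S finds no two-hop first link at level 2, is raised to tbk = 3, and then chooses W over Y because W is less loaded; a level-3 packet from Z has no admissible first link on the shortest path Z-Y-T, so the path set is widened to three hops and the packet goes Z-S-W-T; a level-3 packet from X has no admissible first link at all and S3 fails, which is the case a caller has to handle.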
The terms "network node" and "control node" encompass all kinds of apparatus, devices, and machines for processing data, including by way of example a programmable processor, a computer, a system-on-a-chip, or a plurality or combination of the foregoing. The apparatus can comprise dedicated logic circuits, such as an FPGA (field programmable gate array) or an ASIC (application specific integrated circuit). In addition to hardware, the apparatus may include code that creates an execution environment for the computer program, e.g., code that constitutes processor firmware, a protocol stack, a database management system, an operating system, a cross-platform runtime environment, a virtual machine, or a combination of one or more of the foregoing. The apparatus and execution environment may implement a variety of different computing model infrastructures, such as web services, distributed computing, and grid computing infrastructures.
A computer program (also known as a program, software application, script, or code) can be written in any form of programming language, including compiled or interpreted languages, declarative or procedural languages, and it can be deployed in any form, including as a stand-alone program or as a module, component, subroutine, object or other unit suitable for use in a computing environment. The computer program may, but need not, correspond to a file in a file system. A program can be stored in a portion of a file that holds other programs or data (e.g., one or more scripts stored in a markup language document), in a single file dedicated to the program, or in multiple coordinated files (e.g., files that store one or more modules, subroutines, or portions of code). A computer program can be deployed to be executed on one computer or on multiple computers at one site or distributed across multiple sites and interconnected by a communication network.
It will be appreciated by those skilled in the art that embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
Finally, it should be noted that the above embodiments only illustrate the technical solution of the present invention and do not limit it; although the present invention has been described in detail with reference to the above embodiments, those skilled in the art should understand that modifications and equivalents may be made to the specific embodiments without departing from the spirit and scope of the invention, which is intended to be covered by the claims.

Claims (9)

1. A network communication security control system, the system comprising:
Network nodes and communication links connecting the network nodes; the network nodes are at the same or different trust levels; wherein: the network nodes are used for data storage and computation; each network node has a control state and a non-control state, and enters the control state when it holds the control right, thereby becoming a control node; a control node performs network security control computation and stores the related data in addition to its ordinary data storage and computation;
The direct connection relations of the network nodes form the basic connectivity graph of the network nodes; the trust levels are determined from the degree to which the network nodes satisfy the node trusted set and the connection relations satisfy the connection trusted set, so that a multi-level trusted connectivity graph is constructed from the trust levels and the basic connectivity graph; the layers of the multi-level trusted connectivity graph correspond to the different trust levels and thereby define the network boundary range of each trust level; security protection based on the network boundary is formed by dynamically setting the control nodes;
Determining the node trust level and the connection trust level from the degree to which the network nodes satisfy the node trusted set and the connection relations satisfy the connection trusted set specifically comprises the following steps:
Step SA1: setting or updating the node trusted set and the connection trusted set; the node trusted set contains one or more trusted functions, which are relation functions over the attributes of a network node; likewise, the connection trusted set contains one or more trusted functions, which are relation functions over the attributes of the connection link between two network nodes;
There are several node trusted sets, corresponding respectively to the different trust levels, and several connection trusted sets, likewise corresponding respectively to the different trust levels;
Step SA2: calculating the node trust score PSC_{i,k} of each network node i at the k-th trust level; wherein:
$\mathrm{PSC}_{i,k} = \sum_{v} \omega_v \, f_{k,v}(\mathrm{attr}_{i,p})$; $f_{k,v}(\cdot)$ is the v-th trusted function of the k-th trust level; $\mathrm{attr}_{i,p}$ is the p-th attribute of network node i; $\omega_v$ is the weight of the v-th trusted function; $f_{k,v}(\cdot) = 1$ when $\mathrm{attr}_{i,p}$ satisfies $f_{k,v}$, and $f_{k,v}(\cdot) = 0$ otherwise;
Step SA3: calculating, for each link i_j between a network node i and a network node j, the connection trust score LSC_{i_j,k} of the link at the k-th trust level;
wherein: Lv_i and Lv_j are the trust levels of network node i and network node j respectively; attr_{i_j,p} is the p-th attribute of link i_j; the connection trust score LSC_{i_j,k} is directional, so LSC_{i_j} and LSC_{j_i} may but need not be equal;
Dynamically setting the control nodes forms the security protection based on the network boundary as follows: each control node protects the network nodes within its network boundary range; each control node, or each group of control nodes, protects the network nodes of one trust level; the control node performs trusted verification of the ACL or firewall application of the network node using trusted verification technology and protects the process and rule data of the ACL or firewall; further, hierarchical network communication security control between network boundaries or areas is realized by ACL technology or firewall technology according to the access control rules of the access control policies corresponding to the different trust levels.
2. The network communication security control system of claim 1, wherein the ordering of the scores of different network nodes may differ or coincide across trust levels.
3. The network communication security control system of claim 2, wherein a trusted function can perform trusted verification of the value of each attribute and of the relations between attribute values; the attributes come from the various software and hardware layers of the network node.
4. The network communication security control system of claim 3, wherein a trusted platform is configured to manage the trusted functions corresponding to each trust level; the trusted platform is a third-party network node independent of the control nodes and the network nodes.
5. The network communication security control system of claim 4, wherein the node trusted set and the connection trusted set are compatible with the next level.
6. The network communication security control system of claim 5, wherein the range of the node trust score is divided into intervals, each interval corresponding to a trust level, and the trust level of the interval in which a network node's score falls is taken as the trust level of that network node.
7. A network communication security control method based on the network communication security control system of any one of claims 1 to 6, the method comprising:
Step S1: determining the credibility level of the data packet;
Step S2: creating a data packet by a network node;
Step S3: determining the next communication network node on the basis of the data packet trust level and sending the data packet to it;
Step S4: the current network node sends the data packet to the next communication network node; the next communication network node receives the data packet and judges whether it is itself the destination network node; if so, the communication ends; otherwise, return to step S3.
8. A processor for running a program, wherein the program, when run, performs the network communication security control method of claim 7.
9. A computer-readable storage medium comprising a program which, when run on a computer, causes the computer to perform the network communication security control method of claim 7.
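Steps SA1 to SA3 of claim 1 and the interval-to-level mapping of claim 6, as an added Python example that is not the patent's own code. The trusted functions, their weights, the node and link attributes and the score intervals are all constructed. Since the page gives no formula for LSC, the weighted sum of SA2 is reused for links; the interval mapping is applied to links as well; and a trusted function whose attribute is missing counts as unsatisfied. These three points are assumptions.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List


@dataclass(frozen=True)
class TrustedFunction:
    """A relation function over attributes: f(attr) is 1 when satisfied, 0 otherwise; omega is its weight."""
    name: str
    weight: float
    predicate: Callable[[dict], bool]


def weighted_score(functions: List[TrustedFunction], attrs: dict) -> float:
    """sum_v omega_v * f_v(attr); a function whose attribute is absent counts as unsatisfied (assumption)."""
    score = 0.0
    for f in functions:
        try:
            score += f.weight * (1.0 if f.predicate(attrs) else 0.0)
        except KeyError:
            pass
    return score


# SA1: constructed node trusted sets, one per trust level; higher levels demand more.
NODE_TRUSTED_SETS: Dict[int, List[TrustedFunction]] = {
    1: [TrustedFunction("patched_90d", 1.0, lambda a: a["patch_age_days"] <= 90),
        TrustedFunction("firewall_on", 1.0, lambda a: a["firewall"])],
    2: [TrustedFunction("patched_30d", 1.0, lambda a: a["patch_age_days"] <= 30),
        TrustedFunction("firewall_on", 1.0, lambda a: a["firewall"]),
        TrustedFunction("measured_boot", 2.0, lambda a: a["measured_boot"])],
    3: [TrustedFunction("patched_7d", 1.0, lambda a: a["patch_age_days"] <= 7),
        TrustedFunction("measured_boot", 2.0, lambda a: a["measured_boot"]),
        TrustedFunction("acl_rules_intact", 2.0,
                        lambda a: a["acl_hash"] == a["acl_hash_expected"])],
}
# Claim 6: inclusive score intervals that grant each level (constructed).
NODE_LEVEL_INTERVALS = {1: (2.0, 2.0), 2: (3.0, 4.0), 3: (4.0, 5.0)}

# SA1 for links: constructed connection trusted sets over link attributes and the endpoint
# levels Lv_i, Lv_j. Functions that look only at Lv_j make the score directional (LSC_i_j != LSC_j_i).
LINK_TRUSTED_SETS: Dict[int, List[TrustedFunction]] = {
    1: [TrustedFunction("dst_trusted", 1.0, lambda a: a["lv_j"] >= 1)],
    2: [TrustedFunction("dst_trusted", 1.0, lambda a: a["lv_j"] >= 2),
        TrustedFunction("encrypted", 1.0, lambda a: a["encrypted"])],
    3: [TrustedFunction("both_trusted", 1.0, lambda a: a["lv_i"] >= 3 and a["lv_j"] >= 3),
        TrustedFunction("encrypted", 1.0, lambda a: a["encrypted"]),
        TrustedFunction("mutual_auth", 1.0, lambda a: a["mutual_auth"])],
}
LINK_LEVEL_INTERVALS = {1: (1.0, 1.0), 2: (2.0, 2.0), 3: (3.0, 3.0)}


def node_trust_score(attrs: dict, level: int) -> float:
    """SA2: PSC_{i,k} of one node at level k."""
    return weighted_score(NODE_TRUSTED_SETS[level], attrs)


def level_from_intervals(score_at, intervals) -> int:
    """Claim 6: the highest level whose interval contains the score computed at that level; 0 if none."""
    for level in sorted(intervals, reverse=True):
        lo, hi = intervals[level]
        if lo <= score_at(level) <= hi:
            return level
    return 0


def node_trust_level(attrs: dict) -> int:
    return level_from_intervals(lambda k: node_trust_score(attrs, k), NODE_LEVEL_INTERVALS)


def link_trust_score(link_attrs: dict, lv_i: int, lv_j: int, level: int) -> float:
    """SA3: LSC_{i_j,k}; the page gives no formula, so the weighted-sum form of SA2 is reused (assumption)."""
    return weighted_score(LINK_TRUSTED_SETS[level], dict(link_attrs, lv_i=lv_i, lv_j=lv_j))


def connection_trust_level(link_attrs: dict, lv_i: int, lv_j: int) -> int:
    return level_from_intervals(lambda k: link_trust_score(link_attrs, lv_i, lv_j, k),
                                LINK_LEVEL_INTERVALS)


# Constructed node attributes drawn from software and hardware layers, and one link attribute set.
NODES = {
    "n1": {"patch_age_days": 3, "firewall": True, "measured_boot": True,
           "acl_hash": "h1", "acl_hash_expected": "h1"},
    "n2": {"patch_age_days": 20, "firewall": True, "measured_boot": True,
           "acl_hash": "h2", "acl_hash_expected": "h2-tampered"},
    "n3": {"patch_age_days": 200, "firewall": False, "measured_boot": False,
           "acl_hash": "h3", "acl_hash_expected": "h3"},
}
LINK = {"encrypted": True, "mutual_auth": False}
```

With these sets, n1 satisfies every level-3 function (score 5) and is placed at level 3; n2's tampered ACL rule set keeps its level-3 score at 2, so the mapping falls through to level 2, where its score of 4 lies in the interval; n3 satisfies nothing and gets level 0. The same link scores differently in each direction: towards a level-0 endpoint only the encryption function holds, towards a level-3 endpoint the destination check holds as well, which is the directionality the claim states.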

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211008238.XA CN115499168B (en) 2022-08-22 2022-08-22 Network communication security control method and system

Publications (2)

Publication Number Publication Date
CN115499168A CN115499168A (en) 2022-12-20
CN115499168B true CN115499168B (en) 2024-04-26

Family

ID=84467231

Country Status (1)

Country Link
CN (1) CN115499168B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105933361A * 2016-07-13 2016-09-07 何钟柱 Big data security protection cloud system based on trusted computing
CN110506413A * 2017-04-03 2019-11-26 Harman International Industries, Inc. System and method for determining security and trust scores for network devices
CN114553458A * 2021-12-16 2022-05-27 State Grid Hebei Electric Power Co., Ltd. Information and Communication Branch Method for establishing and dynamically maintaining a trusted group in a power Internet of Things environment

Family Cites Families (1)

Publication number Priority date Publication date Assignee Title
US11316851B2 (en) * 2019-06-19 2022-04-26 EMC IP Holding Company LLC Security for network environment using trust scoring based on power consumption of devices within network

Non-Patent Citations (3)

Title
A Rough-Fuzzy based trust measurement model for Internetware; 印桂生; 王莹洁; 董宇欣; Journal of Harbin Engineering University; 2013-01-16 (No. 02); full text *
Research on a cloud-computing-based security access architecture for power terminals; 陈波 et al.; Electronic Product Reliability and Environmental Testing; 2022-08-20; full text *
Research and practice of active defense technology for power Internet of Things network security; 蒋屹新 et al.; Network Security; 2022-03-10; full text *

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant