CN117240770B - Satellite network routing method and device and electronic equipment - Google Patents

Abstract

The application provides a satellite network routing method, which is applied to a satellite network with a plurality of clusters, wherein one cluster comprises the following steps: each satellite node generates a blockchain credential, the cluster head node generates a blockchain summarizing credential, when a source node in a satellite network receives a routing request and a cluster to which the source node belongs is consistent with a cluster to which a destination node belongs, at least one candidate node associated with the current node is determined, a legal node in the at least one candidate node is selected according to the blockchain credential of the at least one candidate node, and then the next node is selected from the legal nodes according to a preset routing strategy. Therefore, the application enables the current node to verify the credibility of the next node based on the publicly-trusted blockchain certificate, thereby guaranteeing the reliability and the safety of network transmission. Through the design of clustering layering, the fast convergence of block chain transmission can be realized during link updating, and the whole network burden caused by star road is further reduced.

Description

Satellite network routing method, device and electronic equipment

Technical Field

The present invention mainly relates to the field of satellite network technology, and in particular to a satellite network routing method, device and electronic equipment.

Background technique

With the rapid development of satellite communication technology, the number of satellite launches has exploded, and the security issues of satellite networking have gradually become prominent. In particular, the demand for satellite networks in areas such as information support and emergency rescue has continued to expand, placing higher demands on the credibility and reliability of satellite communication links. Taking micro-nano satellite networks as an example, in the process of using intersatellite links to quickly transmit extremely important information, whether the satellite access nodes and each routing node on the transmission path are trustworthy becomes extremely critical.

However, the open nature of satellite networks makes it easy for attackers to disguise the behavior of neighboring nodes or external consultants. It is generally difficult to verify whether the next satellite node to be connected is trustworthy. Especially when the entire network is required to support information return, it is difficult to detect the tampering and disguise of a single or multiple satellite nodes in time. This poses a great threat to the reliability and security of satellite network transmission.

The most common and first considered method is encryption and decryption algorithm protection. However, the core of cryptographic secure routing implementation relies on reliable keys. In most existing routing algorithm designs, such as Optimal Secure Routing (OSR), Self-Organizing Secure On-Demand Distance Vector, Link State Optimized Routing (OLSR), etc., there must be a central agency (CA) to distribute keys between network nodes. However, given the generally distributed characteristics of satellite networks, the setting of a central agency is obviously not suitable and will further introduce new security risks.

Targeting the scenarios and requirements of high security, high reliability and fast return of micro-nano satellite networks that are typical of measurement and control information return, considering the challenges posed by the distributed and open node characteristics of satellite networks to the security of satellite nodes, as well as the difficulty in obtaining publicly verifiable credibility history information.

Summary of the invention

The purpose of the present invention is to provide a satellite network routing method, device and electronic equipment to solve the problem that it is difficult to verify whether the next satellite node is trustworthy in the existing satellite network, so as to ensure the reliability and security of network transmission.

To achieve the above object, in a first aspect of the present invention, a satellite network routing method is provided, which is applied to a satellite network, wherein the satellite network has multiple clusters, each cluster includes a selected cluster head node and at least one satellite node corresponding to the cluster head node, each satellite node generates a corresponding blockchain certificate according to its authentication information and writes it into the inter-satellite blockchain, and the cluster head node generates a blockchain summary certificate of a cluster according to all authentication information of a cluster, and the method includes:

In response to a routing request received by a source node of the satellite network, determining whether a cluster to which the source node belongs is consistent with a cluster to which a destination node belongs;

When the cluster to which the source node belongs is the same as the cluster to which the destination node belongs, the source node routes to the destination node through multiple jumps within its cluster, wherein the following steps are performed in each jump:

Determine at least one candidate node associated with the current node, select a legitimate node from the at least one candidate node according to the blockchain credential of the at least one candidate node, and select a next node to jump to from the legitimate node according to a preset routing strategy, wherein the vector angle between each candidate node and the current node falls within a preset range.

In an optional implementation manner, each cluster has a corresponding system number identifier S _i , and the system number identifier S _i of each cluster is any one of stub S _i , multi-interface S _i , and forwarding S _i .

In an optional implementation manner, each satellite node carries a corresponding local preference value, and the local preference value is used to characterize the routing preference of the corresponding satellite node; selecting the next node to be jumped from the legal nodes according to the preset routing strategy includes:

From all legal nodes, select a legal node with the largest corresponding local preference value as the next node to be jumped.

In an optional implementation manner, selecting a next node to be jumped from a legal node according to a preset routing strategy includes:

Select one of the legal nodes with the shortest system number path S-PATH as the next node to be jumped; or,

From each legal node, select the one closest to the next-hop router NEXT-HOP as the next node to be jumped.

In an optional embodiment, the method further includes:

When the cluster to which the source node belongs is inconsistent with the cluster to which the destination node belongs, the source node routes to the first cluster head node after multiple jumps in its cluster, and the first cluster head node routes to the second cluster head node, and the second cluster head node routes to the destination node after multiple jumps in its cluster;

The first cluster head node refers to the cluster head node in the cluster to which the source node belongs, and the second cluster head node refers to the cluster head node in the cluster to which the destination node belongs.

In an optional implementation manner, the step of routing from the first cluster head node to the second cluster head node includes:

Obtain the subnet reachability information of the destination cluster through the inter-satellite blockchain, where the subnet reachability information is used to characterize the node attributes of the cluster head node in the destination cluster. The destination cluster refers to the cluster to which the destination node belongs.

Verifying the second cluster head node according to the subnet reachability information;

When the verification result is legal, the first cluster head node routes to the second cluster head node.

In an optional implementation manner, after selecting the next node to be jumped from each legal node by using a preset routing strategy, the method further includes:

Use heartbeat monitoring to monitor the relay time of the next node relative to the current node;

If the relay time exceeds the agreed time of the interstellar blockchain, the address of the next node will be added to the local blacklist and written into the interstellar blockchain.

In an optional implementation, after the address of the next node is added to the local blacklist and written into the interstellar blockchain, the process further includes:

Perform multiple rounds of iterative updates on the blockchain credentials of each satellite node in the cluster except the next node, where the following steps are performed in each round of iterative updates:

Sending a credential update request to its neighboring nodes through the update node, prompting the neighboring nodes to generate new blockchain credentials according to their updated authentication information, wherein the update node refers to the node that has generated the corresponding new blockchain credentials;

Until the cluster head node generates a new blockchain summary certificate based on all updated authentication information in a cluster, the iterative update operation is terminated.

In a second aspect, the present application provides a satellite network routing device, which is applied to a satellite network, wherein the satellite network has multiple clusters, each cluster includes a selected cluster head node and at least one satellite node corresponding to the cluster head node, in a cluster: each satellite node generates a corresponding blockchain certificate according to its authentication information and writes it into an inter-satellite blockchain, and the cluster head node generates a blockchain summary certificate of a cluster according to all authentication information of a cluster, and the device includes:

A routing request response module, used to respond to a routing request received by a source node of the satellite network and determine whether the cluster to which the source node belongs is consistent with the cluster to which the destination node belongs;

The node routing module is used for routing from the source node to the destination node through multiple jumps within its cluster when the cluster to which the source node belongs is consistent with the cluster to which the destination node belongs, wherein the following steps are performed in each jump:

Determine at least one candidate node associated with the current node, select a legal node from the at least one candidate node according to the at least one candidate node, and select the next node to jump to from the legal node according to a preset routing strategy, wherein the vector angle between each candidate node and the current node belongs to a preset range.

In an optional implementation manner, each cluster has a corresponding system number identifier S _i , and the system number identifier S _i of each cluster is any one of stub S _i , multi-interface S _i , and forwarding S _i .

In an optional implementation, each satellite node carries a corresponding local preference value, which is used to characterize the routing preference of the corresponding satellite node; the next node to be jumped to is selected from the legal nodes according to a preset routing strategy, and the node routing module is used to:

From all legal nodes, select a legal node with the largest corresponding local preference value as the next node to be jumped.

In an optional implementation manner, the next node to be jumped to is selected from the legal nodes according to a preset routing strategy, and the node routing module is used to:

Select one of the legal nodes with the shortest system number path S-PATH as the next node to be jumped; or,

From each legal node, select the one closest to the next-hop router NEXT-HOP as the next node to be jumped.

In an optional implementation manner, the node routing module is further used to:

When the cluster to which the source node belongs is inconsistent with the cluster to which the destination node belongs, the source node routes to the first cluster head node after multiple jumps in its cluster, and the first cluster head node routes to the second cluster head node, and the second cluster head node routes to the destination node after multiple jumps in its cluster;

The first cluster head node refers to the cluster head node in the cluster to which the source node belongs, and the second cluster head node refers to the cluster head node in the cluster to which the destination node belongs.

In an optional implementation manner, in the step of routing from the first cluster head node to the second cluster head node, the node routing module is specifically used to:

Obtain the subnet reachability information of the destination cluster through the inter-satellite blockchain, where the subnet reachability information is used to characterize the node attributes of the cluster head node in the destination cluster. The destination cluster refers to the cluster to which the destination node belongs.

Verifying the second cluster head node according to the subnet reachability information;

When the verification result is legal, the first cluster head node routes to the second cluster head node.

In an optional implementation manner, after selecting the next node to be jumped from each legal node by a preset routing strategy, the node routing module is further used to:

Use heartbeat monitoring to monitor the relay time of the next node relative to the current node;

If the relay time exceeds the agreed time of the interstellar blockchain, the address of the next node will be added to the local blacklist and written into the interstellar blockchain.

In an optional implementation, after the address of the next node is added to the local blacklist and written into the interstellar blockchain, the node routing module is further used to:

Perform multiple rounds of iterative updates on the blockchain credentials of each satellite node in the cluster except the next node, where the following steps are performed in each round of iterative updates:

Sending a credential update request to its neighboring nodes through the update node, prompting the neighboring nodes to generate new blockchain credentials according to their updated authentication information, wherein the update node refers to the node that has generated the corresponding new blockchain credentials;

Until the cluster head node generates a new blockchain summary certificate based on all updated authentication information in a cluster, the iterative update operation is terminated.

In a third aspect, an electronic device is provided, comprising a processor and a memory; wherein the memory stores instructions, and when the instructions are called by the processor, the processor executes any method as described in the first aspect above.

Compared with the prior art, this application has the following advantages:

One of the advantages of the present application is that the method registers each satellite node and cluster head node in the satellite network in the inter-satellite blockchain, and then when the source node of the satellite network receives a routing request and the cluster to which the source node belongs is consistent with the cluster to which the destination node belongs, it can determine at least one candidate node associated with the current node, and select a legitimate node from at least one candidate node based on the blockchain certificate of at least one candidate node, and then select the next node to be jumped from the legitimate node according to the preset routing strategy. In this way, in each routing process, the blockchain certificate can be publicly verified to determine whether the transmission of the current node to the next node is credible, thereby ensuring the security and reliability of network transmission.

The second advantage of the present application is that the method forms multiple clusters in the satellite network by clustering the satellite network, then generates blockchain credentials in each cluster using the authentication information of the satellite nodes, and generates a blockchain summary credential for the cluster based on all the authentication information at the cluster head node, thereby enabling the inter-satellite blockchain to form a clustered hierarchical structure in the satellite network. In this way, in the event of an emergency (such as link interruption), the rapid convergence of blockchain transmission is achieved through intra-cluster updates, thereby reducing the burden of network-wide updates caused by multi-satellite routing.

The third advantage of the present application is that in this method, cluster head nodes can also publicly verify each other's subnet reachability information in the inter-satellite blockchain, thereby ensuring the security and reliability of network transmission between clusters.

BRIEF DESCRIPTION OF THE DRAWINGS

The accompanying drawings are included to provide a further understanding of the present application. They are included and constitute a part of the present application. The accompanying drawings illustrate embodiments of the present application and together with the present specification serve to explain the principles of the present application. In the accompanying drawings:

FIG1 is a topological diagram of a micro-nano satellite measurement and control network provided by an exemplary embodiment of the present application;

FIG2 is a flow chart of a satellite network routing method provided by an exemplary embodiment of the present application;

FIG3 is a schematic diagram of node hopping routing within a cluster provided by an exemplary embodiment of the present application;

FIG4 is a schematic diagram of inter-cluster node hopping routing provided by an exemplary embodiment of the present application;

FIG5 is a schematic diagram of a satellite network routing device provided by an exemplary embodiment of the present application;

FIG. 6 is a schematic diagram of an electronic device provided by an exemplary embodiment of the present application.

Detailed ways

In order to more clearly illustrate the technical solutions of the embodiments of the present application, the following is a brief introduction to the drawings required for the description of the embodiments. Obviously, the drawings described below are only some examples or embodiments of the present application. For ordinary technicians in this field, the present application can also be applied to other similar scenarios based on these drawings without creative work. Unless it is obvious from the language environment or otherwise explained, the same reference numerals in the figures represent the same structure or operation.

As shown in this application and claims, unless the context clearly indicates an exception, the words "a", "an", "an" and/or "the" do not refer to the singular and may also include the plural. Generally speaking, the terms "comprises" and "includes" only indicate the inclusion of the steps and elements that have been clearly identified, and these steps and elements do not constitute an exclusive list. The method or device may also include other steps or elements.

It should be noted that “plurality” in this application means at least two.

The following will take the micro-nano satellite measurement and control network as a specific embodiment to explain in detail the steps of a satellite network routing method provided by this application. It aims to use blockchain technology to design a routing protocol for low-orbit satellite networks, and focuses on solving the practical problem of updating the convergence complexity of blockchain technology in satellite network security routing applications.

The micro-nano satellite measurement and control network described in this embodiment has multiple clusters, wherein the multiple clusters can be divided according to the orbital positions of the satellite nodes, or can be artificially divided according to the service priority of each satellite node in the network, and this application does not impose any restrictions on this.

Referring to FIG. 1 , a topology diagram of a micro-nano satellite measurement and control network provided in this embodiment is shown. This topology diagram exemplarily shows two clusters of the micro-nano satellite measurement and control network: cluster 1 and cluster 2. Specifically in FIG. 1 , the cluster 1 includes a selected cluster head node 1 and satellite nodes 1 to 4 corresponding to the cluster head node 1, and the cluster 2 includes a selected cluster head node 2 and satellite nodes 5 to 8 corresponding to the cluster head node 2.

In cluster 1, the actual data of satellite nodes 1 to 4 are as follows:

Orbital altitude: 1050km;

Orbital inclination: 53°;

Located in two adjacent orbital planes, the right ascension of the ascending node of these two adjacent orbital planes differs by 5°, and the true perigee differs by 3°.

Among them, cluster head node 1 is a large satellite node with higher on-board processing capability and communication capacity compared to satellite nodes 1-satellite nodes 4. There is a fixed inter-satellite link connection between cluster head node 1 and satellite node 3, and there is a fixed inter-satellite link connection between cluster head node 1 and satellite node 4.

In cluster 2, the actual data of satellite nodes 5 to 8 are as follows:

Orbital altitude: 1000km;

Orbital inclination: 48°;

Located in two adjacent orbital planes, the right ascension of the ascending node of these two adjacent orbital planes differs by 5°, and the true perigee differs by 3°.

Among them, cluster head node 2 is a large satellite node with higher on-board processing capability and communication capacity compared to satellite nodes 5-satellite nodes 8. There is a fixed inter-satellite link connection between cluster head node 2 and satellite node 7, and there is a fixed inter-satellite link connection between cluster head node 2 and satellite node 8.

In addition, cluster head node 1 and cluster head node 2 are also connected via an inter-satellite link.

In cluster 1, satellite node 1 has fixed inter-satellite link connections with satellite node 2 and satellite node 3 respectively, and satellite node 4 has fixed inter-satellite link connections with satellite node 3 and satellite node 2 respectively.

Optionally, transmission is preferentially performed on a fixed connection between satellite node 1 and satellite node 2 ; and transmission is preferentially performed on a fixed connection between satellite node 3 and cluster head node 1 .

In cluster 2, satellite node 5 has fixed inter-satellite link connections with satellite node 6 and satellite node 7 respectively, and satellite node 8 has fixed inter-satellite link connections with satellite node 6 and satellite node 7 respectively.

Optionally, transmission is preferentially performed on a fixed connection between satellite node 5 and satellite node 6 ; and transmission is preferentially performed on a fixed connection between satellite node 7 and cluster head node 2 .

In this embodiment, satellite nodes 1-4 each generate a corresponding blockchain certificate based on their authentication information, and write the blockchain certificate into the intersatellite blockchain. Cluster head node 1 generates a blockchain summary certificate for cluster 1 based on all authentication information in the cluster, and also writes the blockchain summary certificate of cluster 1 into the intersatellite blockchain. Similarly, satellite nodes 5-8 each generate a corresponding blockchain certificate based on their authentication information and write it into the intersatellite blockchain. Cluster head node 2 generates a blockchain summary certificate for cluster 2 based on all authentication information in the cluster, and also writes the blockchain summary certificate of cluster 2 into the intersatellite blockchain.

Based on the above method, in the micro-nano satellite measurement and control network exemplarily proposed in this embodiment, cluster head node 1, cluster head node 2, satellite node 1-satellite node 8 are all registered on the inter-satellite blockchain. After the registration is completed, a selected satellite node or cluster head node can create a smart contract on the inter-satellite blockchain, and distribute the smart contract address to all satellite nodes and cluster head nodes, so that these satellite nodes and cluster head nodes can participate in routing in the subsequent process.

In this embodiment, the authentication information of each satellite node includes, for example, the transit time of the satellite node, the corresponding terminal location, the corresponding cluster location, etc. The cluster head node generates a blockchain summary certificate of the cluster based on the authentication information.

In this embodiment, a corresponding system number identifier S _i may be assigned to each cluster, and the system number identifier S _i may be any one of the following: stub S _i , multi-interface S _i , and forwarding S _i .

Exemplarily, in the micro-nano satellite tracking and control network, cluster 1 has a multi-interface system number identifier S ₁ , and cluster 2 has a forwarding interface system number identifier S ₂ .

In this embodiment, a corresponding local preference value may be assigned to each satellite node, and the local preference value is used to represent the routing preference of the corresponding satellite node.

Exemplarily, the local preference value may be set according to the node attributes of the satellite node, such as the system number identification category of the cluster corresponding to the satellite node, the inter-cluster classification (such as intra-cluster node or cluster head node), function, etc.

Based on the above topology, referring to FIG. 2 , a flow chart of a satellite network routing method provided by this embodiment includes:

S201, in response to a routing request received by a source node of a satellite network, determining whether the cluster to which the source node belongs is consistent with the cluster to which the destination node belongs; if so, executing S202, otherwise, executing S203.

Specifically, the source node refers to the satellite node that receives the routing request, and the destination node refers to the satellite node associated with the gateway that needs to be reached.

S202, the source node routes to the destination node through multiple jumps within its cluster, wherein the following steps are performed in each jump: determining at least one candidate node associated with the current node, selecting a legitimate node from the at least one candidate node according to the blockchain certificate of the at least one candidate node, and selecting the next node to be jumped from the legitimate node according to a preset routing strategy.

Specifically, the vector angle between each candidate node and the current node is within a preset range. The vector angle refers to the angle formed between each candidate node and the current node in space. In this embodiment, the preset range is, for example, [0, 180°].

The following methods can be used to select the next node according to the preset routing strategy: 1) Select the legal node with the highest local preference value as the next node; 2) Select one with the shortest system number path S-PATH from the legal nodes as the next node to be jumped to; 3) Select one of the legal nodes closest to the next hop router NEXT-HOP as the next node to be jumped to.

It is worth noting that, in this embodiment, the above methods can be used independently or in sequence. Exemplarily, the most suitable next node can be found in the order of priority 1)-2)-3).

For example, in one possible case, the legal node with the highest local preference value is preferentially selected as the next node, but when multiple legal nodes have the same highest local preference value, one with the shortest system number path S-PATH is selected from the multiple legal nodes as the next node.

For another example, when multiple legal nodes have the shortest system number path S-PATH, one of the multiple legal nodes closest to the next-hop router NEXT-HOP may be selected as the next node to be jumped to.

Take satellite node 1 as the source node and satellite node 4 as the destination node as an example. As shown in Figure 3, when satellite node 1 receives a routing request, it calls the smart contract on the intersatellite blockchain to read the blockchain credentials of satellite node 2 and satellite node 3, and then verifies satellite node 2 and satellite node 3 according to the blockchain credentials. When the verification result passes, the next node to be jumped is selected from satellite node 2 and satellite node 3 according to the preset routing strategy: satellite node 2. Similarly, after the route is relayed to satellite node 2, satellite node 4 is verified according to the blockchain credentials of satellite node 4 associated with it. When the verification result passes, the next node is selected according to the preset routing strategy: satellite node 4.

S203, the source node routes to the first cluster head node after multiple jumps in its cluster, and the first cluster head node routes to the second cluster head node, and the second cluster head node routes to the destination node after multiple jumps in its cluster.

Specifically, the first cluster head node refers to the cluster head node in the cluster to which the source node belongs, and the second cluster head node refers to the cluster head node in the cluster to which the destination node belongs.

In each jump within the cluster, at least one candidate node associated with the current node is determined. The current node can call the smart contract on the interstellar blockchain to read the blockchain credentials of each candidate node associated with it, and select a legitimate node from at least one candidate node according to the blockchain credentials of at least one candidate node. The legitimate node can be one or more, and the source node selects a suitable node from one or more legitimate nodes according to the preset routing strategy until the routing is completed to the first cluster head node.

The first cluster head node obtains the subnet reachability information of the second cluster head node in the destination cluster through the inter-satellite blockchain. The destination cluster refers to the cluster to which the destination node belongs. The subnet reachability information is used to characterize the node attributes of the cluster head node in the destination cluster. Since cluster head nodes can also publicly verify each other's subnet reachability information in the inter-satellite blockchain, the reliability of inter-cluster transmission is guaranteed. The second cluster head node is verified according to the subnet reachability information. If the verification result passes, the first cluster head node routes to the second cluster head node.

Take satellite node 1 as the source node and satellite node 7 as the destination node as an example. As shown in Figure 4, when satellite node 1 receives a routing request, it routes to cluster head node 1 after multiple jumps in cluster 1 according to the above method. Then, cluster head node 1 verifies cluster head node 2 according to the subnet reachability information of cluster 2. When the verification result passes, cluster head node 1 routes to cluster head node 2. Then, cluster head node 2 verifies satellite node 7 according to the blockchain certificate of satellite node 7 associated with it. When the verification result passes, the next node is selected as the destination node according to the preset routing strategy, that is, satellite node 7.

In one possible implementation, a heartbeat monitoring method is used to monitor the relay time of the next node relative to the current node; if the relay time exceeds the agreed time of the smart contract, the address of the next node is added to the local blacklist and written into the interstellar blockchain. In this way, the adverse effects on network transmission caused by delayed or interrupted relay of some nodes can be minimized to ensure maximum network transmission.

Furthermore, when the next node fails to relay, that is, the link is interrupted, multiple rounds of iterative updates can be performed on the blockchain credentials of each satellite node in the cluster except the next node. Specifically, in each round of iterative updates, the update node sends a credential update request to its adjacent node, prompting the adjacent node to generate a new blockchain credential based on its updated authentication information, wherein the update node refers to the node that has generated the corresponding new blockchain credential. In this way, the iterative update is terminated until the cluster head node generates a new blockchain summary credential based on all updated authentication information in a cluster. It can be seen that since the satellite network proposed in this application adopts a clustering and layering approach, when the link is interrupted and the blockchain needs to be updated, the blockchain update performed in the cluster where the link is interrupted will not affect the satellite nodes in other clusters. Therefore, this method can achieve rapid convergence of blockchain update transmission, thereby reducing the burden of network-wide updates brought by multi-satellite routing.

Further, referring to FIG. 5 , the present application provides a satellite network routing device, wherein the satellite network has multiple clusters, each cluster includes a selected cluster head node and at least one satellite node corresponding to the cluster head node, each satellite node generates a corresponding blockchain certificate according to its authentication information and writes it into the inter-satellite blockchain, and the cluster head node generates a blockchain summary certificate of a cluster according to all authentication information of a cluster, and the device includes:

The routing request response module 501 is used to respond to the routing request received by the source node of the satellite network and determine whether the cluster to which the source node belongs is consistent with the cluster to which the destination node belongs;

The node routing module 502 is used for routing from the source node to the destination node through multiple jumps within its cluster when the cluster to which the source node belongs is consistent with the cluster to which the destination node belongs, wherein the following steps are performed in each jump:

Determine at least one candidate node associated with the current node, select a legitimate node from the at least one candidate node according to the blockchain credential of the at least one candidate node, and select a next node to jump to from the legitimate node according to a preset routing strategy, wherein the vector angle between each candidate node and the current node falls within a preset range.

In an optional implementation manner, each cluster has a corresponding system number identifier S _i , and the system number identifier S _i of each cluster is any one of stub S _i , multi-interface S _i , and forwarding S _i .

In an optional implementation, each satellite node carries a corresponding local preference value, which is used to characterize the routing preference of the corresponding satellite node; the next node to be jumped to is selected from the legal nodes according to a preset routing strategy, and the node routing module 502 is used to:

From all legal nodes, select a legal node with the largest corresponding local preference value as the next node to be jumped.

In an optional implementation, the next node to be jumped to is selected from the legal nodes according to a preset routing strategy, and the node routing module 502 is used to:

Select one of the legal nodes with the shortest system number path S-PATH as the next node to be jumped; or,

From each legal node, select the one closest to the next-hop router NEXT-HOP as the next node to be jumped.

In an optional implementation manner, the node routing module 502 is further configured to:

When the cluster to which the source node belongs is inconsistent with the cluster to which the destination node belongs, the source node routes to the first cluster head node after multiple jumps in its cluster, and the first cluster head node routes to the second cluster head node, and the second cluster head node routes to the destination node after multiple jumps in its cluster;

The first cluster head node refers to the cluster head node in the cluster to which the source node belongs, and the second cluster head node refers to the cluster head node in the cluster to which the destination node belongs.

In an optional implementation manner, in the step of routing from the first cluster head node to the second cluster head node, the node routing module 502 is specifically used to:

Obtain the subnet reachability information of the destination cluster through the inter-satellite blockchain, where the subnet reachability information is used to characterize the node attributes of the cluster head node in the destination cluster. The destination cluster refers to the cluster to which the destination node belongs.

Verifying the second cluster head node according to the subnet reachability information;

When the verification result is legal, the first cluster head node routes to the second cluster head node.

In an optional implementation manner, after selecting the next node to be jumped from each legal node by a preset routing strategy, the node routing module 502 is further used to:

Use heartbeat monitoring to monitor the relay time of the next node relative to the current node;

If the relay time exceeds the agreed time of the interstellar blockchain, the address of the next node will be added to the local blacklist and written into the interstellar blockchain.

In an optional implementation, after adding the address of the next node to the local blacklist and writing it into the interstellar blockchain, the node routing module 502 is further used to:

Perform multiple rounds of iterative updates on the blockchain credentials of each satellite node in the cluster except the next node, where the following steps are performed in each round of iterative updates:

Sending a credential update request to its neighboring nodes through the update node, prompting the neighboring nodes to generate new blockchain credentials according to their updated authentication information, wherein the update node refers to the node that has generated the corresponding new blockchain credentials;

Until the cluster head node generates a new blockchain summary certificate based on all updated authentication information in a cluster, the iterative update operation is terminated.

Referring to FIG. 6 , the present application further provides an electronic device, the electronic device comprising:

Memory 601; and

Processor 602, the memory 1101 stores instructions, and when the instructions are called by the processor, the processor executes the steps of any of the satellite network routing methods described above.

It should be understood that the processor mentioned in the embodiments of the present application may be a CPU, or other general-purpose processors, DSPs, ASICs, FPGAs or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, etc. A general-purpose processor may be a microprocessor or the processor may be any conventional processor, etc.

It should also be understood that the memory mentioned in the embodiments of the present application may be a volatile memory or a non-volatile memory, or may include both volatile and non-volatile memories. Among them, the non-volatile memory may be a read-only memory (ROM), a programmable read-only memory, an erasable programmable read-only memory, an electrically erasable programmable read-only memory, or a flash memory. The volatile memory may be a random access memory (RAM), which is used as an external cache. By way of example but not limitation, many forms of RAM are available, such as static random access memory, dynamic random access memory, synchronous dynamic random access memory, double data rate synchronous dynamic random access memory, enhanced synchronous dynamic random access memory, synchronously connected dynamic random access memory, and direct memory bus random access memory.

It should be noted that when the processor is a general-purpose processor, DSP, ASIC, FPGA or other programmable logic device, discrete gate or transistor logic device, discrete hardware component, the memory (storage module) is integrated in the processor.

The present application provides a satellite network routing method, device and electronic device. By registering each satellite node and cluster head node in the satellite network in the inter-satellite blockchain, when a source node of the satellite network receives a routing request and the cluster to which the source node belongs is consistent with the cluster to which the destination node belongs, at least one candidate node associated with the current node can be determined, and a legitimate node is selected from the at least one candidate node according to the blockchain certificate of the at least one candidate node, and then the next node to be jumped to is selected from the legitimate node according to a preset routing strategy. In this way, in each routing process, whether the transmission of the current node to the next node is credible is judged in a publicly verifiable manner through the blockchain certificate, thereby ensuring the security and reliability of network transmission.

The present application also forms multiple clusters in the satellite network by clustering the satellite network, and then generates blockchain credentials in each cluster using the authentication information of the satellite nodes, and generates a blockchain summary credential for the cluster based on all the authentication information at the cluster head node, thereby forming a clustered hierarchical structure of the inter-satellite blockchain in the satellite network. In this way, in the event of an emergency (such as link interruption), the rapid convergence of blockchain transmission is achieved through intra-cluster updates, thereby reducing the burden of network-wide updates caused by multi-satellite routing.

The present application also ensures the security and reliability of network transmission between clusters by enabling cluster head nodes to publicly verify each other's subnet reachability information in the inter-satellite blockchain.

The basic concepts have been described above. Obviously, for those skilled in the art, the above invention disclosure is only used as an example and does not constitute a limitation of the present application. Although not explicitly stated herein, those skilled in the art may make various modifications, improvements and amendments to the present application. Such modifications, improvements and amendments are suggested in the present application, so such modifications, improvements and amendments still belong to the spirit and scope of the exemplary embodiments of the present application.

At the same time, the present application uses specific words to describe the embodiments of the present application. For example, "one embodiment", "an embodiment", and/or "some embodiments" refer to a certain feature, structure or characteristic related to at least one embodiment of the present application. Therefore, it should be emphasized and noted that "one embodiment" or "an embodiment" or "an alternative embodiment" mentioned twice or more in different positions in this specification does not necessarily refer to the same embodiment. In addition, some features, structures or characteristics in one or more embodiments of the present application can be appropriately combined.

Some aspects of the present application may be performed entirely by hardware, entirely by software (including firmware, resident software, microcode, etc.), or by a combination of hardware and software. The above hardware or software may be referred to as "data blocks", "modules", "engines", "units", "components" or "systems". The processor may be one or more application specific integrated circuits (ASICs), digital signal processors (DSPs), digital signal processing devices (DAPDs), programmable logic devices (PLDs), field programmable gate arrays (FPGAs), processors, controllers, microcontrollers, microprocessors, or combinations thereof. In addition, various aspects of the present application may be expressed as computer products located in one or more computer-readable media, which include computer-readable program codes. For example, computer-readable media may include, but are not limited to, magnetic storage devices (e.g., hard disks, floppy disks, tapes ...), optical disks (e.g., compact disks CDs, digital versatile disks DVDs ...), smart cards, and flash memory devices (e.g., cards, sticks, key drives ...).

A computer readable medium may include a propagated data signal containing computer program code, such as in baseband or as part of a carrier wave. The propagated signal may have a variety of manifestations, including electromagnetic, optical, etc., or a suitable combination. A computer readable medium may be any computer readable medium other than a computer readable storage medium, which can be connected to an instruction execution system, device or equipment to communicate, propagate or transmit the program for use. The program code located on the computer readable medium can be transmitted through any suitable medium, including radio, cable, fiber optic cable, radio frequency signal, or similar medium, or any combination of the above mediums.

Similarly, it should be noted that in order to simplify the description of the disclosure of this application and thus help understand one or more embodiments of the invention, in the above description of the embodiments of this application, multiple features are sometimes combined into one embodiment, figure or description thereof. However, this disclosure method does not mean that the features required by the object of this application are more than the features mentioned in the claims. In fact, the features of the embodiments are less than all the features of the single embodiment disclosed above.

In some embodiments, numbers describing the number of components and attributes are used. It should be understood that such numbers used in the description of the embodiments are modified by the modifiers "about", "approximately" or "substantially" in some examples. Unless otherwise specified, "about", "approximately" or "substantially" indicate that the numbers are allowed to vary by ±20%. Accordingly, in some embodiments, the numerical parameters used in the specification and claims are approximate values, which may change according to the required features of individual embodiments. In some embodiments, the numerical parameters should take into account the specified significant digits and adopt the general method of retaining digits. Although the numerical domains and parameters used to confirm the breadth of their range in some embodiments of the present application are approximate values, in specific embodiments, the setting of such numerical values is as accurate as possible within the feasible range.

Although the present application has been described with reference to the current specific embodiments, ordinary technicians in this technical field should recognize that the above embodiments are only used to illustrate the present application, and various equivalent changes or substitutions may be made without departing from the spirit of the present application. Therefore, as long as the changes and modifications to the above embodiments are within the essential spirit of the present application, they will fall within the scope of the claims of the present application.

Claims (10)

1. A satellite network routing method, characterized in that it is applied to a satellite network, wherein the satellite network has multiple clusters, and the multiple clusters are divided according to the orbital position or service priority of the satellite node, and each cluster includes a selected cluster head node and at least one satellite node corresponding to the cluster head node, wherein in a cluster: each satellite node generates a corresponding blockchain certificate according to its authentication information and writes it into the inter-satellite blockchain, and the cluster head node generates a blockchain summary certificate of the cluster according to all the authentication information of the cluster, and the method includes: In response to a routing request received by a source node of the satellite network, determining whether a cluster to which the source node belongs is consistent with a cluster to which a destination node belongs; When the cluster to which the source node belongs is consistent with the cluster to which the destination node belongs, the source node routes to the destination node through multiple jumps within its cluster, wherein the following steps are performed in each of the jumps: Determine at least one candidate node associated with the current node, select a legitimate node from the at least one candidate node according to the blockchain credential of the at least one candidate node, and select a next node to jump to from the legitimate node according to a preset routing strategy, wherein the vector angle between each candidate node and the current node falls within a preset range. 2. The method according to claim 1, wherein each cluster has a corresponding system number identifier S _i , and the system number identifier S _i of each cluster is any one of stub S _i , multi-interface S _i , and forwarding S _i . 3. The method according to claim 2, wherein each satellite node carries a corresponding local preference value, and the local preference value is used to characterize the routing preference of the corresponding satellite node; and the step of selecting the next node to be jumped from the legal nodes according to a preset routing strategy comprises: From the legal nodes, a legal node with the largest corresponding local preference value is selected as the next node to be jumped. 4. The method according to claim 2, wherein the step of selecting the next node to be jumped from the legal nodes according to a preset routing strategy comprises: Selecting one of the legal nodes with the shortest system number path S-PATH as the next node to be jumped; or, Select one of the legal nodes that is closest to the next-hop router NEXT-HOP as the next node to be jumped to. 5. The method according to claim 1, further comprising: When the cluster to which the source node belongs is inconsistent with the cluster to which the destination node belongs, the source node routes to the first cluster head node after multiple jumps in its cluster, and the first cluster head node routes to the second cluster head node, and the second cluster head node routes to the destination node after multiple jumps in its cluster; The first cluster head node is a cluster head node in the cluster to which the source node belongs, and the second cluster head node is a cluster head node in the cluster to which the destination node belongs. 6. The method according to claim 5, wherein the step of routing from the first cluster head node to the second cluster head node comprises: Obtaining subnet reachability information of a destination cluster through the interstellar blockchain, wherein the subnet reachability information is used to characterize a node attribute of a cluster head node in the destination cluster, and the destination cluster refers to a cluster to which the destination node belongs; Verifying the second cluster head node according to the subnet reachability information; When the verification result is legal, the first cluster head node performs routing to the second cluster head node. 7. The method according to claim 1, characterized in that after the step of selecting the next node to be jumped from the legal nodes according to the preset routing strategy, it also includes: Using a heartbeat monitoring method to monitor the relay time of the next node relative to the current node; If the relay time exceeds the agreed time of the intersatellite blockchain, the address of the next node is added to the local blacklist and written into the intersatellite blockchain. 8. The method according to claim 7, characterized in that after the step of adding the address of the next node into the local blacklist and writing it into the interstellar blockchain, it also includes: Perform multiple rounds of iterative updates on the blockchain credentials of each satellite node in the cluster except the next node, wherein in each round of iterative updates, the following steps are performed: Sending a credential update request to its neighboring nodes through the update node, prompting the neighboring nodes to generate new blockchain credentials according to their updated authentication information, wherein the update node refers to the node that has generated the corresponding new blockchain credentials; Until the cluster head node generates a new blockchain summary certificate according to all updated authentication information in the cluster, the iterative update operation is terminated. 9. A satellite network routing device, characterized in that it is applied to a satellite network, the satellite network has multiple clusters, the multiple clusters are divided according to the orbital position or service priority of the satellite node, each cluster includes a selected cluster head node and at least one satellite node corresponding to the cluster head node, in a cluster: each satellite node generates a corresponding blockchain certificate according to its authentication information and writes it into the inter-satellite blockchain, the cluster head node generates a blockchain summary certificate of the cluster according to all the authentication information of the cluster, and the device includes: A routing request response module, configured to respond to a routing request received by a source node of the satellite network and determine whether the cluster to which the source node belongs is consistent with the cluster to which the destination node belongs; A node routing module is used for routing from the source node to the destination node through multiple jumps within its cluster when the cluster to which the source node belongs is consistent with the cluster to which the destination node belongs, wherein the following steps are performed in each jump: Determine at least one candidate node associated with the current node, select a legitimate node from the at least one candidate node according to the blockchain credential of the at least one candidate node, and select a next node to jump to from the legitimate node according to a preset routing strategy, wherein the vector angle between each candidate node and the current node falls within a preset range. 10. An electronic device, comprising a processor and a memory; the memory stores instructions, and when the instructions are called by the processor, the processor executes the method according to any one of claims 1 to 8.