共查询到20条相似文献,搜索用时 75 毫秒
1.
2.
随着多网融合的发展,独立自治域网络之间的高效互联互通已成为一个关键理论技术问题。由于域内信息的私密性,各自治域之间不会共享相关的数据,传统的域间路由协议无法提供高效的跨域路由机制。为克服现有协议存在的不足,提出了一种基于机器学习的联邦路由机制,该机制通过各自治域的神经网络模型和参数隐式地共享域内信息,不仅可打破现存的数据孤岛问题,还可极大地减少域间信息共享所需要传输的数据量,进而降低全网路由信息收敛时延,基于该联邦路由机制,边界路由器也能够根据全网状态信息制定全局的优化路由转发策略。 相似文献
3.
4.
网络身份管理是网络空间安全防护的重要组成部分。随着信息技术和应用的发展,面对海量异构的身份管理、跨网跨域信任服务和身份隐私保护需求,传统中心式的网络身份管理体系和机制存在身份管理平台多样且互通性差、跨域身份管理可信评价难、身份隐私信息易泄露及多态跨域网络实体行为监管困难等诸多问题。基于区块链技术设计异构身份联盟与监管体系,以网络身份管理系统作为联盟链节点,为异构的网络身份提供统一身份标识、属性登记和跨域核验、实体可信度动态评价、身份隐私保护以及实体行为监管等关键技术机制;为融合已存在的多种异构身份管理系统,打造身份提供方、监管方和用户之间的和谐共生关系,提出了一种新的解决思路。 相似文献
5.
6.
7.
8.
针对现有域间路由监测系统的不足,提出一种监测域间路由的系统模型。该模型基于BGP路由表监测或BGP报文更新监测两种技术之上,能利用Internet拓扑特性来检测异常路由,从而达到监测域间路由系统的目的。并对视图的完整性和监测网络的构造等模型相关问题进行了深入探讨。 相似文献
9.
10.
针对域间流量特点,提出一种基于前缀的域间流量控制算法。利用遗传算法求解出传输自治系统中不同前缀的出口选择和域内各条链路的OSPF权重的优化解,再利用边界网关协议(BGP)对不同的前缀进行相应的通告来控制域间出流量,使域间流量分布更合理。 相似文献
11.
Mobile IPv6 is only adapted to the mobile’s movements within its own administrative domain. As Mobile IPv6 is expected to be the basis for beyond 3G networks, a solution for inter-domain security is required allowing the visited domain to authenticate any mobile to grant it access. As such, new concepts known as AAA for Authentication, Authorization, Accounting were defined by the IETF. The IETF is currently defining the Diametr protocol to support those three functions in a Mobile IPv4 environment. Today’s difficulty is to adapt the Diameter protocol to Mobile IPv6. After introducing the Mobile IPv6, IPsec and Diameter protocols, this paper presents our solution (IETF draft of December 2001), and an IETF alternative for adapting Diameter to Mobile IPv6. It gives a comparison and describes our prototype. 相似文献
12.
Modeling the routing of an autonomous system with C-BGP 总被引:1,自引:0,他引:1
Today, the complexity of ISPs' networks make it difficult to investigate the implications of internal or external changes on the distribution of traffic across their network. In this article we explain the complexity of building models of large ISPs' networks. We describe the various aspects important to understanding the routing inside an AS. We present an open source routing solver, C-BGP, that eases the investigation of changes in the routing or topology of large networks. We illustrate how to build a model of an ISP on a real transit network and apply the model on two "what-if" scenarios. The first scenario studies the impact of chances in the Internet connectivity of a transit network. The second investigates the impact of failures in its internal topology. 相似文献
13.
审计是一种基本而且重要的安全机制,其目的是检测和威慑非法进入系统的行为和识别用户对系统的误用。在简要介绍信息安全审计的基础上,通过建立审计日志数据库、收集审计证据以及进行审计日志的管理等,探讨实现信息系统审计的技术方法。 相似文献
14.
针对现有多Agent系统易受到恶意攻击、难以验证代理身份及代理间难以建立信任机制等安全问题,围绕多Agent分层系统架构,提出一种采用基于数字签名和非对称加密的多Agent通信加密方法,有效保证了通信环节的系统安全,防范了Agent代理身份被冒用。基于动态博弈对抗的思路,在多Agent体系评估的基础上,利用贪婪算法和遗传算法优化多Agent系统安全选择策略,提高了防御者在攻防博弈中获胜概率并缩短了攻防博弈轮次,保证了通信环节的安全防御,防止Agent代理信息被攻击者窃取。 相似文献
15.
Power-efficient routing mechanism for ODMA systems 总被引:2,自引:0,他引:2
Opportunity driven multiple access (ODMA), a cellular multihop method proposed for Universal Mobile Telecommunications Systems, potentially allows reduction in power consumption of user equipment (UE), extending Node B's coverage and supporting higher user data rate. However, ODMA requires extra power for discovering relaying nodes and introduces additional transmission latency in data transfer. This paper offers enlightenment to these ODMA implementation problems. A power-efficient routing (PER) mechanism is proposed to identify a minimum-power path for ODMA communication. Prior to the route (or path) discovery, the PER mechanism utilizes an analytical solution to estimate the total power and number of intermediate UEs required in the minimum-power path. With the estimation, route discovery procedures originating from nonattainable ODMA requests can be prevented. For those attainable ODMA requests that require a route discovery procedure to locate intermediate UEs, the PER mechanism further provides a method to set the transmission power and maximum hop count. Hence, the power consumption of each UE during route discovery is significantly reduced. Simulation results coincided with the analysis, and the results demonstrate the performance improvement of PER over dynamic source routing. 相似文献
16.
针对Android应用程序滥用权限造成用户隐私泄露的问题,开发了一款音乐播放器为实例,分析了其恶意操作的原理,反映了Android自身安全机制存在着不足,然后分析了Android市场上两类权限控制软件的优缺点,在此基础上结合两者的优点,并加以改进,加入了静态分析策略kirin,改进了动态分析策略集,设计了一款对权限滥用进行有效控制的系统。 相似文献
17.
In networks that use label swapping routing, like ATM, inconsistent routing tables, due to either incorrect setups or memory failures, may result in infinite looping of packets. This work proposes and analyzes a method for ensuring self-termination in such networks. The method is based on imposing linear order on the labels chosen by the stations along the route during connection setup, and on a simple on-line check performed by every station upon making routing decisions. We then analyze the probability of connection setup failure due to the linear order constraint, and show that it is very small 相似文献
18.
铁玲 《信息安全与通信保密》2007,(8):109-111
下一代移动网络提供一种方法支持移动用户在异构的接入网络之间漫游。我们需要在不同的移动管理域之间建立信任关系。在这篇文章中,提出了基于公钥密钥交换协议的互域网移动性的新的安全最优化路由协议。移动节点之间的信息交换将比通常的方法少。 相似文献
19.
20.
从构建准确的频谱态势图,实现频率资源充分利用的角度出发,针对目前在构建频谱态势图时没有考虑恶意用户(Malicious User,MU)存在的情况,结合克里金(Kriging)插值法估计空域内频谱干扰态势,通过地理位置检测方案识别MU,从而构建更准确、更安全的频谱态势图,并将其用于端到端的路由协议中。仿真结果表明,该方案能构建完整的频谱态势图,平均误差仅为0.106 dBm,能准确识别恶意用户,识别率高于80%;并且通过识别MU,在基于频谱态势图的路由过程中,可以减少路由跳数,增加可用频谱空间。 相似文献