CN114070626A - Network security policy decision method combining edge calculation - Google Patents
Network security policy decision method combining edge calculation Download PDFInfo
- Publication number
- CN114070626A CN114070626A CN202111357877.2A CN202111357877A CN114070626A CN 114070626 A CN114070626 A CN 114070626A CN 202111357877 A CN202111357877 A CN 202111357877A CN 114070626 A CN114070626 A CN 114070626A
- Authority
- CN
- China
- Prior art keywords
- edge
- strategy
- policy
- forwarder
- engine
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 28
- 230000005540 biological transmission Effects 0.000 claims abstract description 43
- 238000004891 communication Methods 0.000 claims description 29
- 238000012545 processing Methods 0.000 abstract description 3
- 238000010586 diagram Methods 0.000 description 3
- 239000013307 optical fiber Substances 0.000 description 3
- 238000011161 development Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000004075 alteration Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
- H04L63/205—Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention relates to the technical field of network security policy decision, in particular to a network security policy decision method combined with edge calculation, which comprises the following steps: step 1: when the strategy engine and the edge forwarder are started, the strategy engine firstly obtains a network transmission protocol attribute strategy from a strategy database and sends the strategy to the edge forwarder; step 2: the edge forwarder configures the network transmission protocol attribute strategy to a route forwarding module; by arranging the edge forwarder, the network transmission protocol attribute strategy decision is sent to the edge forwarder for edge decision and execution, and the destination of the data packet is determined according to the decision result, so that the frequency of strategy decision by the strategy engine is reduced, the data packet processing is more flexible, and the request data packet between the edge forwarder and the strategy engine is reduced.
Description
Technical Field
The invention belongs to the technical field of network security policy decision, and particularly relates to a network security policy decision method.
Background
With the rapid development and application of computer and network technologies, the world has entered a highly information-oriented era, and network technologies have been integrated into every corner of our lives. In the process of network communication, the network transmission efficiency is taken as a crucial factor, and the safe transmission of data is often greatly influenced. With the continuous development of optical fiber broadband, the network speed is from the first ten megabits to the present giga or even ten million.
As shown in fig. 2, the conventional network data security transmission system based on attribute policy decision involves five parts, namely, user equipment, resource equipment, a repeater, an attribute-based policy decision engine (hereinafter referred to as policy engine) and a policy attribute database (hereinafter referred to as policy database). The user equipment carries out data communication to the resource equipment through an encryption tunnel generated between the edge forwarder and the forwarder, the edge forwarder requests a strategy to the strategy engine after receiving the communication user request message, the strategy engine carries out strategy decision after receiving the strategy request, and pushes a decision result to the edge forwarder.
Therefore, the existing network data security transmission system based on attribute policy decision has the design defect that when an edge forwarder receives any new session data packet, the edge forwarder sends a request packet to a policy engine for policy decision, the average time of each request is about ms, so that the decision pressure generated by all the request packets is concentrated on the policy engine, the performance of the policy engine forms a bottleneck, the throughput forwarded by the edge forwarder can only reach about 1Gbps, the forwarding delay is large, and the information transmission capability is difficult to meet the actual application scene of a ten-gigabit optical fiber, so that a network security policy decision method combined with edge calculation is provided.
Disclosure of Invention
The invention aims to overcome the technical problem of the prior art, and provides a network security policy decision method combined with edge computing, which aims to solve the problems that when an edge repeater receives any new session data packet, the edge repeater sends a request packet to a policy engine for policy decision, the average time of each request is about ms, so that the decision pressure generated by all the request packets is concentrated on the policy engine, the performance of the policy engine forms a bottleneck, the throughput forwarded by the edge repeater can only reach about 1Gbps, the forwarding delay is large, and the information transmission capability is difficult to meet the actual application scene of a ten-gigabit optical fiber.
In order to achieve the purpose, the invention provides the following technical scheme: a network security policy decision method combining edge calculation comprises the following steps:
step 1: when the strategy engine and the edge forwarder are started, the strategy engine firstly obtains a network transmission protocol attribute strategy from a strategy database and sends the strategy to the edge forwarder;
step 2: the edge forwarder configures the network transmission protocol attribute strategy to a route forwarding module;
and step 3: when a resource data packet requested by a user is transmitted to the edge forwarder, a routing forwarding module of the edge forwarder makes an edge policy decision according to a network transmission protocol attribute policy;
and 4, step 4: a packet forwarding path is determined.
Preferably, the policy engine is in communication connection with the policy database, and the policy engine is in communication connection with the edge forwarder;
the strategy engine is used for searching a corresponding attribute strategy from the strategy database and making a strategy decision;
the policy database is used for storing policies and policy attributes.
Preferably, the edge forwarder comprises a routing forwarding module, an original packet discarding module, an original packet forwarding module and a tunnel encryption forwarding module;
the route forwarding module is used for making an edge policy decision;
the original packet discarding module, the original packet forwarding module and the tunnel encryption forwarding module are respectively used for forwarding the data packet according to different paths.
Preferably, the step 3 comprises the following steps:
step 3.1: a user requests resource data from resource equipment through user equipment;
step 3.2: transmitting the resource data packet requested by the user to the edge forwarder;
step 3.3: a route forwarding module of the edge forwarder makes an edge policy decision according to a network transmission protocol attribute policy;
the user equipment is in communication connection with an edge transponder, the resource equipment is in communication connection with a transponder, and the transponder is in communication connection with a policy engine;
the user equipment is used for requesting resource data;
the resource device is used for providing resource data;
the edge forwarder is operable to receive a resource access message, request a policy from a policy engine, and form a communication encryption tunnel with the forwarder.
Preferably, the step 1 comprises the following steps:
step 1.1: four types of attribute strategies exist in the strategy database, and when the strategy engine is started, four strategies are obtained from the strategy database;
step 1.2: the policy database passes the policy to the policy engine;
step 1.3: and the strategy engine issues the network transmission protocol attribute to the edge forwarder.
Preferably, the forwarding path in step 4 includes the following three paths:
path one: an original packet discarding path, that is, a data packet needs to be forwarded to an original packet discarding module to execute a discarding operation;
and a second route: an original packet forwarding path, that is, a data packet needs to be forwarded to an original packet forwarding module for normal forwarding of the original packet;
path three: and a tunnel encryption forwarding path, that is, the data packet needs to be forwarded to a tunnel encryption module for encryption forwarding.
Preferably, before encrypting the data in the third path, the edge forwarder needs to send other policy request messages to the policy decision engine, and after receiving the policy issued by the policy engine, the edge forwarder generates an encryption tunnel with another forwarder to complete encryption communication.
Preferably, the policy attributes in the policy database have four types of attributes, which are a network transmission protocol attribute, a time attribute, a user ID attribute, and an application layer attribute.
Preferably, the original packet discarding module, the original packet forwarding module and the tunnel encryption forwarding module are electrically connected to the route forwarding module.
Preferably, the edge transponder and the other transponder perform encrypted communication through an encryption tunnel.
Compared with the prior art, the invention provides a network security policy decision method combined with edge calculation, which has the following beneficial effects:
1. the invention sets the edge transponder, issues the network transmission protocol attribute strategy decision to the edge transponder for edge decision and execution, and decides the destination of the data packet according to the decision result, thereby reducing the strategy decision frequency of the strategy engine, processing the data packet more flexibly, and reducing the request data packet between the edge transponder and the strategy engine;
2. according to the invention, by arranging the edge repeater and the strategy engine, the edge repeater carries out marginalized strategy calculation and decision on the original basis, part of the capacity of the strategy decision is given to the edge repeater, and the edge repeater carries out the next step of forwarding operation after making the strategy decision, so that the pressure of the strategy engine is reduced, the network delay is reduced, and the network speed is increased.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention without limiting the invention in which:
FIG. 1 is a schematic diagram of a network data security transmission system incorporating a network security policy decision method of edge computing according to the present invention;
FIG. 2 is a schematic diagram of a conventional network data security transmission system based on attribute policy decision;
fig. 3 is a schematic flow chart illustrating a network transmission protocol attribute policy obtained by a route forwarding module in the network security policy decision method combined with edge computation according to the present invention;
fig. 4 is a schematic diagram of a forwarding process of an edge forwarder in the network security policy decision method combined with edge computation according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be obtained by a person skilled in the art without any inventive step based on the embodiments of the present invention, are within the scope of the present invention.
Example one
Referring to fig. 1, fig. 3 and fig. 4, the present invention provides a technical solution: a network security policy decision method combining edge calculation comprises the following steps:
step 1: when the strategy engine and the edge forwarder are started, the strategy engine firstly obtains a network transmission protocol attribute strategy from a strategy database and sends the strategy to the edge forwarder;
step 2: the edge forwarder configures the network transmission protocol attribute strategy to a route forwarding module;
and step 3: when a resource data packet requested by a user is transmitted to the edge forwarder, a routing forwarding module of the edge forwarder makes an edge policy decision according to a network transmission protocol attribute policy;
and 4, step 4: a packet forwarding path is determined.
In the present invention, preferably, the edge forwarder includes a route forwarding module, an original packet discarding module, an original packet forwarding module and a tunnel encryption forwarding module;
the route forwarding module is used for making edge policy decision;
the original packet discarding module, the original packet forwarding module and the tunnel encryption forwarding module are respectively used for forwarding the data packet according to different paths.
In the present invention, preferably, the forwarding path in step 4 includes the following three paths:
path one: an original packet discarding path, that is, a data packet needs to be forwarded to an original packet discarding module to execute a discarding operation;
and a second route: an original packet forwarding path, that is, a data packet needs to be forwarded to an original packet forwarding module for normal forwarding of the original packet;
path three: and a tunnel encryption forwarding path, that is, the data packet needs to be forwarded to a tunnel encryption module for encryption forwarding.
In the present invention, preferably, the policy attributes in the policy database have four types of attributes, which are a network transmission protocol attribute, a time attribute, a user ID attribute, and an application layer attribute.
In the present invention, preferably, the original packet discarding module, the original packet forwarding module and the tunnel encryption forwarding module are all electrically connected to the route forwarding module.
The working principle and the using process of the invention are as follows: when a policy engine and an edge forwarder are started, the policy engine firstly obtains a network transmission protocol attribute policy from a policy database and sends the policy to the edge forwarder, the edge forwarder configures the network transmission protocol attribute policy to a routing forwarding module, when a resource packet requested by a user is transmitted to the edge forwarder, the routing forwarding module of the edge forwarder makes an edge policy decision according to the network transmission protocol attribute policy and then decides a packet forwarding path, and the forwarding paths are divided into three types: firstly, an original packet discarding path, namely a data packet needs to be forwarded to an original packet discarding module to execute discarding operation; secondly, an original packet forwarding path, namely, a data packet needs to be forwarded to an original packet forwarding module for normal forwarding of the original packet; and thirdly, the tunnel encryption forwarding path is used for forwarding the data packet to a tunnel encryption module for encryption forwarding, and then issuing the network transmission protocol attribute policy decision to an edge forwarder for edge decision and execution, and deciding the destination of the data packet according to a decision result, so that the frequency of policy decision making by a policy engine is reduced, the data packet processing is more flexible, and the request data packet between the edge forwarder and the policy engine is reduced.
Example two
Referring to fig. 1, fig. 3 and fig. 4, the present invention provides a technical solution: a network security policy decision method combining edge calculation comprises the following steps:
step 1: when the strategy engine and the edge forwarder are started, the strategy engine firstly obtains a network transmission protocol attribute strategy from a strategy database and sends the strategy to the edge forwarder;
step 2: the edge forwarder configures the network transmission protocol attribute strategy to a route forwarding module;
and step 3: when a resource data packet requested by a user is transmitted to the edge forwarder, a routing forwarding module of the edge forwarder makes an edge policy decision according to a network transmission protocol attribute policy;
and 4, step 4: a packet forwarding path is determined.
In the invention, preferably, the strategy engine is in communication connection with the strategy database, and the strategy engine is in communication connection with the edge transponder;
the strategy engine is used for searching a corresponding attribute strategy from the strategy database and making a strategy decision;
the strategy database is used for storing strategies and strategy attributes.
In the present invention, preferably, the edge forwarder includes a route forwarding module, an original packet discarding module, an original packet forwarding module and a tunnel encryption forwarding module;
the route forwarding module is used for making edge policy decision;
the original packet discarding module, the original packet forwarding module and the tunnel encryption forwarding module are respectively used for forwarding the data packet according to different paths.
In the present invention, preferably, step 3 includes the steps of:
step 3.1: a user requests resource data from resource equipment through user equipment;
step 3.2: transmitting the resource data packet requested by the user to the edge forwarder;
step 3.3: a route forwarding module of the edge forwarder makes an edge policy decision according to a network transmission protocol attribute policy;
the system comprises a user device, a resource device, a policy engine and a resource device, wherein the user device is in communication connection with the edge transponder, the resource device is in communication connection with the transponder, and the transponder is in communication connection with the policy engine;
the user equipment is used for requesting resource data;
the resource device is used for providing resource data;
the edge forwarder is operable to receive the resource access message, request a policy from the policy engine, and form a communication encryption tunnel with the forwarder.
In the present invention, preferably, step 1 comprises the steps of:
step 1.1: four types of attribute strategies exist in the strategy database, and when the strategy engine is started, four strategies are obtained from the strategy database;
step 1.2: the policy database passes the policy to the policy engine;
step 1.3: and the strategy engine issues the network transmission protocol attribute to the edge forwarder.
In the present invention, preferably, the forwarding path in step 4 includes the following three paths:
path one: an original packet discarding path, that is, a data packet needs to be forwarded to an original packet discarding module to execute a discarding operation;
and a second route: an original packet forwarding path, that is, a data packet needs to be forwarded to an original packet forwarding module for normal forwarding of the original packet;
path three: and a tunnel encryption forwarding path, that is, the data packet needs to be forwarded to a tunnel encryption module for encryption forwarding.
In the present invention, preferably, the edge forwarder needs to send other policy request messages to the policy decision engine before data in the third path is encrypted, and after receiving the policy issued by the policy engine, the edge forwarder generates an encryption tunnel with another forwarder to complete encryption communication.
In the present invention, preferably, the policy attributes in the policy database have four types of attributes, which are a network transmission protocol attribute, a time attribute, a user ID attribute, and an application layer attribute.
In the present invention, preferably, the original packet discarding module, the original packet forwarding module and the tunnel encryption forwarding module are all electrically connected to the route forwarding module.
In the present invention, preferably, the edge forwarder and the other forwarder perform encrypted communication through an encryption tunnel.
The working principle and the using process of the invention are as follows: mainly relate to user equipment, resource equipment, edge forwarder, tactics engine and tactics database; the user equipment is used for requesting resource data; the resource device is used for providing resource data; the edge transponder is used for receiving the resource access message, requesting the strategy from the strategy engine and forming a communication encryption tunnel with the transponder; the strategy engine is used for searching the corresponding attribute strategy from the strategy database and making a strategy decision; the edge forwarder comprises four modules which are respectively a routing forwarding module, an original packet discarding module, an original packet forwarding module and a tunnel encryption forwarding module; when a policy engine and an edge repeater are started, the policy engine firstly obtains a network transmission protocol attribute policy from a policy database and sends the policy to the edge repeater, the edge repeater configures the network transmission protocol attribute policy to a routing forwarding module, so that the edge repeater performs marginalized policy calculation and decision on the original basis, sends part of the capability of the policy decision to the edge repeater, and performs the next forwarding operation after the edge repeater makes the policy decision, thereby reducing the pressure of the policy engine, reducing the network delay and improving the network rate, when a data packet requested by a user is transmitted to the edge repeater, the routing forwarding module of the edge repeater makes the edge policy decision according to the network transmission protocol attribute policy, and then determines a packet forwarding path, wherein the forwarding path is divided into three types: firstly, an original packet discarding path, namely a data packet needs to be forwarded to an original packet discarding module to execute discarding operation; secondly, an original packet forwarding path, namely, a data packet needs to be forwarded to an original packet forwarding module for normal forwarding of the original packet; and thirdly, a tunnel encryption forwarding path, namely, a data packet needs to be forwarded to a tunnel encryption module for encryption forwarding, an edge forwarder needs to send other policy request messages to a policy decision engine before data encryption, the edge forwarder generates an encryption tunnel with another forwarder after receiving a policy issued by the policy engine to complete encryption communication, and then issues a network transmission protocol attribute policy decision to the edge forwarder for edge decision and execution, the destination of the data packet is determined according to a decision result, the frequency of policy decision by the policy engine is reduced, the data packet is more flexibly processed, and the request data packet between the edge forwarder and the policy engine is reduced.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.
Claims (10)
1. A network security policy decision method combining edge calculation is characterized in that: the method comprises the following steps:
step 1: when the strategy engine and the edge forwarder are started, the strategy engine firstly obtains a network transmission protocol attribute strategy from a strategy database and sends the strategy to the edge forwarder;
step 2: the edge forwarder configures the network transmission protocol attribute strategy to a route forwarding module;
and step 3: when a resource data packet requested by a user is transmitted to the edge forwarder, a routing forwarding module of the edge forwarder makes an edge policy decision according to a network transmission protocol attribute policy;
and 4, step 4: a packet forwarding path is determined.
2. The network security policy decision method in combination with edge computing according to claim 1, characterized by: the strategy engine is in communication connection with the strategy database and is in communication connection with the edge transponder;
the strategy engine is used for searching a corresponding attribute strategy from the strategy database and making a strategy decision;
the policy database is used for storing policies and policy attributes.
3. The network security policy decision method in combination with edge computing according to claim 1, characterized by: the edge forwarder comprises a route forwarding module, an original packet discarding module, an original packet forwarding module and a tunnel encryption forwarding module;
the route forwarding module is used for making an edge policy decision;
the original packet discarding module, the original packet forwarding module and the tunnel encryption forwarding module are respectively used for forwarding the data packet according to different paths.
4. The network security policy decision method in combination with edge computing according to claim 1, characterized by: the step 3 comprises the following steps:
step 3.1: a user requests resource data from resource equipment through user equipment;
step 3.2: transmitting the resource data packet requested by the user to the edge forwarder;
step 3.3: a route forwarding module of the edge forwarder makes an edge policy decision according to a network transmission protocol attribute policy;
the user equipment is in communication connection with an edge transponder, the resource equipment is in communication connection with a transponder, and the transponder is in communication connection with a policy engine;
the user equipment is used for requesting resource data;
the resource device is used for providing resource data;
the edge forwarder is operable to receive a resource access message, request a policy from a policy engine, and form a communication encryption tunnel with the forwarder.
5. The network security policy decision method in combination with edge computing according to claim 1, characterized by: the step 1 comprises the following steps:
step 1.1: four types of attribute strategies exist in the strategy database, and when the strategy engine is started, four strategies are obtained from the strategy database;
step 1.2: the policy database passes the policy to the policy engine;
step 1.3: and the strategy engine issues the network transmission protocol attribute to the edge forwarder.
6. The network security policy decision method in combination with edge computing according to claim 1, characterized by: the forwarding path in the step 4 includes the following three paths:
path one: an original packet discarding path, that is, a data packet needs to be forwarded to an original packet discarding module to execute a discarding operation;
and a second route: an original packet forwarding path, that is, a data packet needs to be forwarded to an original packet forwarding module for normal forwarding of the original packet;
path three: and a tunnel encryption forwarding path, that is, the data packet needs to be forwarded to a tunnel encryption module for encryption forwarding.
7. The network security policy decision method in combination with edge computing according to claim 6, characterized by: before data in the third path is encrypted, the edge forwarder needs to send other policy request messages to the policy decision engine, and after receiving the policy issued by the policy engine, the edge forwarder generates an encryption tunnel with another forwarder to complete encryption communication.
8. The network security policy decision method in combination with edge computing according to claim 1, characterized by: the policy attributes in the policy database have four types of attributes, which are a network transmission protocol attribute, a time attribute, a user ID attribute and an application layer attribute.
9. A network security policy decision method in combination with edge computing according to claim 3, characterized by: the original packet discarding module, the original packet forwarding module and the tunnel encryption forwarding module are electrically connected with the route forwarding module.
10. The network security policy decision method in combination with edge computing according to claim 1, characterized by: and the edge transponder and the other transponder carry out encrypted communication through an encryption tunnel.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111357877.2A CN114070626A (en) | 2021-11-17 | 2021-11-17 | Network security policy decision method combining edge calculation |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111357877.2A CN114070626A (en) | 2021-11-17 | 2021-11-17 | Network security policy decision method combining edge calculation |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114070626A true CN114070626A (en) | 2022-02-18 |
Family
ID=80273231
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111357877.2A Pending CN114070626A (en) | 2021-11-17 | 2021-11-17 | Network security policy decision method combining edge calculation |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114070626A (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101051891A (en) * | 2007-05-22 | 2007-10-10 | 网御神州科技(北京)有限公司 | Method and device for safety strategy uniformly treatment in safety gateway |
| US9252972B1 (en) * | 2012-12-20 | 2016-02-02 | Juniper Networks, Inc. | Policy control using software defined network (SDN) protocol |
-
2021
- 2021-11-17 CN CN202111357877.2A patent/CN114070626A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101051891A (en) * | 2007-05-22 | 2007-10-10 | 网御神州科技(北京)有限公司 | Method and device for safety strategy uniformly treatment in safety gateway |
| US9252972B1 (en) * | 2012-12-20 | 2016-02-02 | Juniper Networks, Inc. | Policy control using software defined network (SDN) protocol |
Non-Patent Citations (1)
| Title |
|---|
| 王晓峻;来晓阳;: "构建基于虚拟计算的安全管控平台", 电信技术, no. 06, pages 2 - 3 * |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| WO2021207922A1 (en) | Packet transmission method, device, and system | |
| JP2018521534A (en) | Network device and method for processing a session using a packet signature | |
| US11336660B2 (en) | Methods and apparatuses for identifying replay transaction based on blockchain integrated station | |
| US11665234B2 (en) | Methods and apparatuses for synchronizing data based on blockchain integrated station | |
| WO2018121397A1 (en) | Network traffic control method and switch device | |
| US20220021701A1 (en) | Method and System for Providing Edge Service, and Computing Device | |
| CN108289061B (en) | Service chain topology system based on SDN | |
| WO2023000940A1 (en) | Data processing method and apparatus, and network element device, storage medium and program product | |
| US20160088578A1 (en) | Link layer discovery protocol (lldp) on multiple nodes of a distributed fabric | |
| CN111447234A (en) | Block chain structure suitable for edge calculation | |
| WO2021022806A1 (en) | Network system, method, and communication device for centralized processing of network services | |
| WO2022068756A1 (en) | Service mesh system employing microservice, and service governance method | |
| WO2021098425A1 (en) | Qos policy method, device, and computing device for service configuration | |
| CN114363182A (en) | Deterministic network system and deterministic service transmission method | |
| CN105472486A (en) | Processing method for preventing routing loop of PON access system | |
| US10531168B2 (en) | Low-latency data switching device and method | |
| Zhang et al. | Intelligent requests orchestration for microservice management based on blockchain in software defined networking: A security guarantee | |
| CN109150829B (en) | Software-defined cloud network trusted data distribution method, readable storage medium and terminal | |
| US20230269164A1 (en) | Method and apparatus for sending route calculation information, device, and storage medium | |
| US11924103B2 (en) | Traffic processing method, apparatus, and network device | |
| CN112887278A (en) | Interconnection system and method of private cloud and public cloud | |
| CN114070626A (en) | Network security policy decision method combining edge calculation | |
| CN101621528B (en) | Conversation system based on Ethernet switch cluster management and method for realizing conversation passage | |
| CN107707546B (en) | Message copying method and novel network adapter supporting message copying function | |
| CN108900518A (en) | Believable software definition cloud network data distribution systems |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |