Research On Shared Data Security Based On SDN

The growing Internet has brought us into the era of big data,however countless of sensitive data was exposed to the network.As the lack of data security measures resulting in many malicious information leakage incidents,information security is drawing more attentions.With the continuous evolution of network technology,SDN/NFV and other new network architecture and technology came into being.The new network environment and technology form for the development of a variety of traditional applications with new possibilities.In this paper,we did some research and exploration on the traditional information security field in the new network environment,and focus on the security of information transmission and storage.In order to enhance the practicability of the research,this paper designs a set of information transmission and storage model.In order to solve the problem of secure transmission,this paper firstly analyzes the security service access mode in SDN network environment,and designs a set of security service management based on registration and authentication.Authentication mechanism is used to ensure that encryption and decryption module in the network is safe and reliable,while the registration mechanism to achieve its management.Secure transmission model with SDN controller as the center,use the way of OpenFlow protocol's flow table to build data transmission channel,and encryption and decryption module to encrypt the network data stream,which ultimately make the formation of a secure transmission tunnel.The data is transmitted in the tunnel in cipher text.The encryption and decryption module based on the idea of NFV can be running on the common X86 platform and achieved by the way of software programming,which can be flexible to adjust the type of data.In view of the problem of secure storage,this paper takes the popular network storage as the research object.After the analysis of a variety of storage solutions,we finally designed the storage model which use a distributed combination of key for the data encryption protection in the storage server side.Secure storage model is divided into two parts: data encryption and decryption and security key management.Encryption and decryption module is not strong coupling with the network storage server to enhance its versatility.And key management module uses a key combination method which can customize the user security key can enhance both the system security and user participation.In order to better application in the SDN network,this paper optimizes the secure storage module that the SDN controller manages the location information of the secure storage module in the network so that the security module is hidden in the network.In short,this paper uses SDN and other network technology to study the information transmission and storage issues,and put forward a set of solutions.