Research And Implementation Of Control Mechanism Based On User And Service In Identifier-Based Network

The proposal of the Identifier-Based Network has brought the possibility to solve the shortcomings of the original design of traditional Internet.However,as a new network architecture,the Identifier-Based Network needs to be further improved in user-based and service-based control.Mainly reflected in the follow:first,too much or too little use of the relevant attributes of users and services will lead to the difficulty of policy management and the problem of unable to achieve fine-grained control;second,the inefficient implementation of control policys will easily lead to poor user experience;third,the lack of dynamic control of users in access will lead to the threat of service resources.Based on the above shortcomings,on the basis of in-depth study of the existing control mechanisms,and combined with the infrastructure and communication principles of the Identifier-Based Network,this paper designs and implements a dynamic fine-grained control system.The specific work is described below:Firstly,the design requirements of dynamic fine-grained control system based on users and services in Identifier-Based Network are analyzed,and the overall design scheme is given:the system is divided into six modules:data processing module,policy execution module,cache management module,policy processing module,policy management module,management and monitor module;a two-level control mechanism suitable for the Identifier-Based Network is proposed,which expounds the methods of achieving fine-grained control and making the system more scalable and policy-manageable;originally,the traditional control policy is divided into fine-grained control policy and execution policy,and the efficient execution of the policy is realized through execution strategy;a dynamic user reliability correction algorithm is proposed to feedback the user's behavior in the process of access.So as to achieve the goal of real-time dynamic adjustment of user's access rights.Secondly,the data processing and policy execution functions are realized by modifying the operating system kernel;the problem of execution policy caching and efficient execution is solved by using database;fine-grained policy matching,high scalability and policy management are realized by using the two-level control mechanism mentioned above;the management platform of control system is built by means of programming framework;and the dynamic adjustment of user privileges is realized by using the above-mentioned reliability correction algorithm.The realization of each module of the dynamic fine-grained control system based on users and services in Identifier-Based Network is completed.Finally,on the basis of building the prototype system,the specific functions of the above six modules are verified.The efficiency of policy execution of the two control mechanisms and the performance of two user reliability correction algorithms are compared,which shows the superiority of the system in controlling granularity,policy execution efficiency and abnormal behavior sensitivity.The test results show that the system achieves fine-grained,efficient and dynamic control,and has high scalability and policy management,which effectively guarantees the security of users and services in Identifier-Based Network.The dynamic user reliability correction algorithm proposed in this paper is more sensitive to user's abnormal behavior which can quickly feedback user's abnormal behavior,so that the system can achieve real-time dynamic adjustment of user privileges.