| With the rapid development of network information interaction,people's demand for network security is increasing day by day.Identity authentication is the foundation for ensuring information security.Authentication realizes the authenticity of authenticating user identity and effectively prevents unauthorized users from accessing network resources.The implementation of identity authentication needs to consider identity authentication credentials,authentication methods and authentication scenarios.In the Internet,knowledge based authentication credentials are generally used.Among them,the digital certificate,as a knowledge authentication certificate,is widely used in the application scenarios with high security degree,such as Internet finance.Identity authentication methods and techniques widely used in the Internet are based on centralized authentication methods.the centralization of identity authentication method can solve problems in authentication,arbitrates the results of the authentication and naintains the the fairness of access identity authentication.However,it is difficult and complicated to authenticate in the non-user identity domain.At present,identity authentication in both intra domain and cross domain SDN networks is centralization access authentication.The access authentication in the domain is faced with the challenge of centralization access authentication,and the existing SDN access authentication projects directly or indirectly relies on the SDN controller leading to increasing the load pressure of the SDN controller.Cross domain authentication requires not only a lot of work to be prepared beforehand,but also relies on identity authentication method in the associated domain.Blockchain has the characteristics of centralization,transparency and openness,and a decentralized peer to peer cooperative transaction is established among nodes without trust.Blockchain not only gets rid of the restriction of region to technology,but also obtains credible and reliable results.Block chain technology has been applied to Internet finance,e-commerce,Internet of things,fair security,public platform and other fields.In order to disperse the risk of centralization authentication and to reduce the complexity of cross domain identity access authentication,using for reference blockchain,this paper studies the decentralization of SDN access authentication.First of all,in order not to rely on center authentication server,the method that joined SDN network hosts verify the ownership of the authentication credentials verifys the identity of the user.Secondly,in order to geting more reliable authentication results and improving Byzantine fault-tolerant algorithm,a result recognition algorithm with fault tolerance is proposed.Finally,in order to achieving the traceability,anti-counterfeit,tampering,and anti repudiation of the authentication results,a data structure using "block + chain" is proposed to record the identity authentication results.In order to verify the feasibility and effectiveness of the decentralization authentication in the SDN network,the project is designed and implemented first,and then the experiment platform is built.The experimental results show that the decentralization authentication proposed in this paper can implement the authentication process in the SDN network by the nodes in the network,and record the identity authentication results in the nodes of the SDN network. |
PDF Full Text Request