Research And Design Of Terminal Access Authentication And Satellite Two-Way Authentication Protocol In Software Defined Satellite Network

With the release of Musk's "Starlink" plan,countries have begun to make arrangements in the satellite field.China's China Aerospace Science&Industry Corporation launched the "Hongyun Project",which plans to build a space-borne broadband global mobile internet network.Some scholars have proposed to combine software-defined networks with satellite networks.Thus data control and data forwarding on the satellite network can be more flexible,satellite network can provide more business support,thereby creating more economic benefits.Software-defined network technology is an emerging and directly programmable network architecture that separates the control layer from the forwarding layer in the network.Deploying it on the satellite network can achieve customized requirements for communication services.In the meantime,this architecture can make data forwarding more efficient and flexible.However,there are still some scenarios in software-defined satellite networks that require security authentication,such as security authentication when mobile terminal users perform network access and security authentication before two-way communication between satellite nodes.For this two scenarios,this paper proposes corresponding authentication protocols with high operating efficiency and complete security guarantee.A server-side low-storage access authentication protocol is proposed for terminal access scenarios in software-defined satellite networks,and a lightweight computing two-way authentication protocol is proposed for two-way communication between satellites.In terms of protocol verification,this paper used formal analysis method,BAN logic system and experimental verification to prove the security and performance of these protocols.At the same time,the security and performance of this protocols are compared with other protocols of the same type.In order to verify the experimental effect of these protocols,a software-defined satellite network simulation environment was established using OpenStack,OpenSwitch and other frameworks.These protocol and other similar protocols were written in Python and tested under the software-defined satellite network simulation environment.The theoretical and experimental results prove that the two protocols proposed in this paper have greatly improved security and computing performance compared to other similar protocols.In terms of security,the terminal access authentication protocol also realizes the protection of identity anonymity on the premise of ensuring basic security;while the two-way authentication protocol can fully guarantee the identity authentication and communication security of both parties in communication.In terms of computing performance,the terminal access authentication protocol under the software-defined satellite network has decreased the overall computing time consumption by 30%and decreased the server-side computing time consumption by 40%.The two-way inter-satellite authentication protocol under the software-defined satellite network reduces three hash operations as a whole,accounting for 2%of the overall protocol time.In the frequent two-way authentication scenario,for all the vehicles in the same orbit of the medium-orbit satellite,the overall communication volume that can be completed in one hundred days can be saved to ninety-nine days.Not only can the information be transmitted in a more timely and rapid manner,but it can also save the satellite node's resource consumption to a certain extent and extend its service life.