| | Chinese Journal of Computers Full Text |
| Title | Trustworthy and Controllable Network Architecture and Protocol Framework |
| Authors | LUO Jun-Zhou HAN Zhi-Geng WANG Liang-Min |
| Address | (School of Computer Science and Engineering, Southeast University, Nanjing 210096) |
| Year | 2009 |
| Issue | No.3(391-404) |
| Abstract & Background | Abstract: As the Internet has grown in size and complexity, its network architecture faces serious challenges in security and management, and the ideal countermeasure is to design a new architecture with trustworthiness and controllability. Existing architectures either are based on the end-to-end argument and connectionless theory, which makes packet transmission uncontrollable, or redesign the existing network architecture at great expense. With these issues in mind, the authors propose a trustworthy and controllable network architecture that attaches to the present network architecture a four-layer trustworthy and controllable logical architecture, comprising a decision layer, an observed layer, a resource layer and a trustworthy interaction layer, to make network and user behavior predictable and manageable. Having defined logic flow as the network controlled objective in the new architecture, the authors present a closed-loop self-feedback control method with four functional phases (perception and monitoring, understanding and detection, judgment and decision-making, and control and reachability) to keep the network system in a stable state with the capability of self-diagnosis and self-recovery. They also point out that the trustworthy interaction layer, with its capability of cross-layer interaction, is key to making the network architecture trustworthy and controllable, then propose a model of the trustworthy and controllable protocol located in that layer and define the protocol's fundamental functions to make protocol execution predictable. The authors further point out that the trust flow appearing in the logic flow is the protocol controlled objective, and give a trustworthy protocol control method, based on the network control method of the new architecture, that integrates trust management with non-repudiation service.
To check the validity of the protocol model and the protocol control method, they present a concrete protocol implementation scheme, including the protocol's basic elements and its two-stage execution process. Finally, the authors show some advantages of their new architecture in comparison with some representative existing techniques, and point out their future work.
Keywords: trustworthy and controllable; trust flow; trust management; non-repudiation
Background: This work is supported by the National Natural Science Foundation of China under grants No.90604004 and 60773103, the China Specialized Research Fund for the Doctoral Program of Higher Education under grant No.200802860031, the Jiangsu Provincial Natural Science Foundation of China under grants No.BK2007708 and BK2008030, the Jiangsu Provincial Key Laboratory of Network and Information Security under grant No.BM2003201, and the Key Laboratory of Computer Network and Information Integration (Southeast University), Ministry of Education under grant No.93K-9. Today's Internet, one of the most important infrastructures in the information society, was designed based on the network architecture developed in the 1970s. However, with the rapid development of network technologies and applications, the Internet is growing in size and complexity, some presuppositions and modes are changing, and new requirements are emerging. Traditional network theories, especially network security and management theories, are not good enough to support the network's development; the network architecture is confronting serious challenges in security and management, and it is time to rethink the network architecture to support trustworthiness and controllability. With these issues in mind, the framework of a trustworthy and controllable network architecture is presented in this paper, including three essential properties: observability, controllability and reachability.
The network control method, protocol model, protocol control method, protocol function and protocol implementation scheme are also given. |