网络与信息安全学报 ›› 2021, Vol. 7 ›› Issue (3): 123-133.doi: 10.11959/j.issn.2096-109x.2021064

• 学术论文 • 上一篇    

资源公钥基础设施数据同步的改进方法研究

冷峰1,2,3, 赵琦2, 延志伟2, 曾宇1,2   

  1. 1 中国科学院计算机网络信息中心,北京 100190
    2 中国互联网络信息中心,北京 100190
    3 中国科学院大学,北京 100049
  • 修回日期:2021-03-23 出版日期:2021-06-01 发布日期:2021-06-01
  • 作者简介:冷峰(1982- ),男,山东莱阳人,中国科学院大学博士生,中国互联网络信息中心高级工程师,主要研究方向为互联网基础资源安全
    赵琦(1982- ),男,吉林长春人,中国互联网络信息中心高级工程师,主要研究方向为系统架构设计、优化和网络安全
    延志伟(1985- ),男,山西兴县人,博士,中国互联网络信息中心研究员,主要研究方向为互联网名址协议及下一代网络架构
    曾宇(1973- ),男,湖南邵阳人,博士,中国互联网络信息中心研究员,主要研究方向为计算机体系结构、网络安全、数字经济
  • 基金资助:
    北京市科技新星计划项目(Z191100001119113)

Research on improved scheme of resource public key infrastructure data synchronization

Feng LENG1,2,3, Qi ZHAO2, Zhiwei YAN2, Yu ZENG1,2   

  1. 1 Computer Network Information Center, Chinese Academy of Sciences, Beijing 100190, China
    2 China Internet Network Information Center, Beijing 100190, China
    3 University of Chinese Academy of Sciences, Beijing 100049, China
  • Revised:2021-03-23 Online:2021-06-01 Published:2021-06-01
  • Supported by:
    Beijing Nova Program of Science and Technology(Z191100001119113)

摘要:

资源公钥基础设施(RPKI)依赖方需定期从资料库系统同步数据进行信息验证。为了完成数据同步,当前主流的方式是采用Rsync和RRDP两种技术,但各自存在着相关问题。针对上述问题,通过分析研究依赖方从资料库同步数据的方式,建立了数学模型,并根据两种技术各自面临的相关问题,提出了一种改进的 RPKI 数据同步方法,分析了传统数据同步手段与改进方法各自的优缺点以及适应的场景,为优化RPKI的部署应用提供了参考。

关键词: 资源公钥基础设施, 路由决策, 数据同步, 数学模型

Abstract:

RPKI Relying party needs to synchronizing data from repository periodically to verify information.In general, Rsync and RRDP are the two common means to complete data synchronization, however, each of them has related problems.In order to solve these problems, through analyzingthe way for synchronizing data from repository by the relying party, a mathematical model was established.Furthermore, based on the current problems faced by the two synchronization means, an improved RPKI data synchronization scheme was proposed.The advantages and disadvantages of the improved scheme were analyzed in detail, as well as the applicable scenarios.The improved scheme could provide a reference for optimizing the deployment and application of RPKI.

Key words: resource public key infrastructure, routing decision, data synchronization, mathematical model

中图分类号: 

No Suggested Reading articles found!