电信科学 ›› 2021, Vol. 37 ›› Issue (12): 60-71.doi: 10.11959/j.issn.1000-0801.2021277

• 专栏:5G+时代的可编程网络 • 上一篇    下一篇

5G+时代的软件定义安全技术架构研究与实践

全硕, 王旭亮, 朱泽亚   

  1. 中国电信股份有限公司研究院,北京102209
  • 修回日期:2021-12-10 出版日期:2021-12-20 发布日期:2021-12-01
  • 作者简介:全硕(1991- ),男,中国电信股份有限公司研究院工程师,主要研究方向为云网融合、云计算与大数据和云网运营等
    王旭亮(1986- ),中国电信股份有限公司研究院高级工程师,主要研究方向为云网融合技术、云数据中心网络和边缘计算等
    朱泽亚(1995- ),男,中国电信股份有限公司研究院工程师,主要研究方向为云网融合技术、云网运营技术和大数据与云计算等

Research and practice of software-defined security technology architecture in the 5G+ era

Shuo QUAN, Xuliang WANG, Zeya ZHU   

  1. Research Institute of China Telecom Co., Ltd., Beijing 102209, China
  • Revised:2021-12-10 Online:2021-12-20 Published:2021-12-01

摘要:

新基建和数字经济激发了云网安全的保障需求,云网融合安全也是未来的重要发展趋势。首先分析了面向5G专网用户提供整体安全服务面临的三大类问题,提出了在5G+时代软件定义安全整体架构。其次基于该架构介绍了相应的原型系统的设计与实现。最后验证了基于云化构架的软件定义安全编排与调度体系有助于精确化地整体解决5G+时代5G专网企业客户的业务安全威胁和隐患,为后续的研究提供了系统性的参考价值。

关键词: 软件定义安全, 服务功能链, 网络功能虚拟化

Abstract:

Cloud network security has become a strong need under the background of the new infrastructure and digital economy, while cloud network integration security has been defined as an ongoing trends.Initially, three major types of problems facing 5G private network users were presented in providing overall security services, and an overall software-defined security architecture in the 5G+ era was proposed.Furthermore, the corresponding prototype system design and implementation was discussed based on this architecture.At the end, the verification shows that the software-defined security orchestration and scheduling system based on the cloud-based architecture helps to accurately solve the overall business security threats and hidden dangers of 5G private network enterprise customers in the 5G+ era, providing systematic reference value for subsequent research.

Key words: software-defined security, service function chain, network function virtualization

中图分类号: 

No Suggested Reading articles found!