Cargando…
Towards Double Defense Network Security Based on Multi-Identifier Network Architecture
Recently, more and more mobile devices have been connected to the Internet. The Internet environment is complicated, and network security incidents emerge endlessly. Traditional blocking and killing passive defense measures cannot fundamentally meet the network security requirements. Inspired by the...
| Autores principales: | , , , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
MDPI
2022
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8838307/ https://www.ncbi.nlm.nih.gov/pubmed/35161493 http://dx.doi.org/10.3390/s22030747 |
| _version_ | 1784650095239626752 |
|---|---|
| author | Wang, Yunmin Smahi, Abla Zhang, Huayu Li, Hui |
| author_facet | Wang, Yunmin Smahi, Abla Zhang, Huayu Li, Hui |
| author_sort | Wang, Yunmin |
| collection | PubMed |
| description | Recently, more and more mobile devices have been connected to the Internet. The Internet environment is complicated, and network security incidents emerge endlessly. Traditional blocking and killing passive defense measures cannot fundamentally meet the network security requirements. Inspired by the heuristic establishment of multiple lines of defense in immunology, we designed and prototyped a Double Defense strategy with Endogenous Safety and Security (DDESS) based on multi-identifier network (MIN) architecture. DDESS adopts the idea of a zero-trust network, with identity authentication as the core for access control, which solves security problems of traditional IP networks. In addition, DDESS achieves individual static security defense through encryption and decryption, consortium blockchain, trusted computing whitelist, and remote attestation strategies. At the same time, with the dynamic collection of data traffic and access logs, as well as the understanding and prediction of the situation, DDESS can realize the situation awareness of network security and the cultivation of immune vaccines against unknown network attacks, thus achieving the active herd defense of network security. |
| format | Online Article Text |
| id | pubmed-8838307 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2022 |
| publisher | MDPI |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-88383072022-02-13 Towards Double Defense Network Security Based on Multi-Identifier Network Architecture Wang, Yunmin Smahi, Abla Zhang, Huayu Li, Hui Sensors (Basel) Article Recently, more and more mobile devices have been connected to the Internet. The Internet environment is complicated, and network security incidents emerge endlessly. Traditional blocking and killing passive defense measures cannot fundamentally meet the network security requirements. Inspired by the heuristic establishment of multiple lines of defense in immunology, we designed and prototyped a Double Defense strategy with Endogenous Safety and Security (DDESS) based on multi-identifier network (MIN) architecture. DDESS adopts the idea of a zero-trust network, with identity authentication as the core for access control, which solves security problems of traditional IP networks. In addition, DDESS achieves individual static security defense through encryption and decryption, consortium blockchain, trusted computing whitelist, and remote attestation strategies. At the same time, with the dynamic collection of data traffic and access logs, as well as the understanding and prediction of the situation, DDESS can realize the situation awareness of network security and the cultivation of immune vaccines against unknown network attacks, thus achieving the active herd defense of network security. MDPI 2022-01-19 /pmc/articles/PMC8838307/ /pubmed/35161493 http://dx.doi.org/10.3390/s22030747 Text en © 2022 by the authors. https://creativecommons.org/licenses/by/4.0/Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). |
| spellingShingle | Article Wang, Yunmin Smahi, Abla Zhang, Huayu Li, Hui Towards Double Defense Network Security Based on Multi-Identifier Network Architecture |
| title | Towards Double Defense Network Security Based on Multi-Identifier Network Architecture |
| title_full | Towards Double Defense Network Security Based on Multi-Identifier Network Architecture |
| title_fullStr | Towards Double Defense Network Security Based on Multi-Identifier Network Architecture |
| title_full_unstemmed | Towards Double Defense Network Security Based on Multi-Identifier Network Architecture |
| title_short | Towards Double Defense Network Security Based on Multi-Identifier Network Architecture |
| title_sort | towards double defense network security based on multi-identifier network architecture |
| topic | Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8838307/ https://www.ncbi.nlm.nih.gov/pubmed/35161493 http://dx.doi.org/10.3390/s22030747 |
| work_keys_str_mv | AT wangyunmin towardsdoubledefensenetworksecuritybasedonmultiidentifiernetworkarchitecture AT smahiabla towardsdoubledefensenetworksecuritybasedonmultiidentifiernetworkarchitecture AT zhanghuayu towardsdoubledefensenetworksecuritybasedonmultiidentifiernetworkarchitecture AT lihui towardsdoubledefensenetworksecuritybasedonmultiidentifiernetworkarchitecture |