Recently, China information and Communication Research Institute (hereinafter referred to as “China Institute of information and communication”) and Huawei newip research team have completed the experimental verification of flexible variable length address (flexip) intelligent door lock control scenario. Relying on the future network test facility Ceni Shenzhen subsystem (hereinafter referred to as “Ceni test facility Shenzhen subsystem”) constructed by China Academy of information technology, this test completed the world’s first flexip technology test for the scenario of energy-saving and trusted Internet park.
Future network test facility national major science and technology infrastructure is one of the key scientific devices in the medium and long term plan of national major science and technology infrastructure construction (2012-2030), and also the only major science and technology infrastructure in the field of information and communication. In October 2020, the Shenzhen Branch of Ceni experimental facility contracted by China Academy of information technology was completed in the unified period, and the dual plane backbone network and eight cloud edge network nodes in Shenzhen, Beijing, Nanjing and Chongqing were officially put into operation.
The flexip test is based on the intelligent door lock control scenario of smart park. Relying on the Shenzhen subsystem of Ceni test facility, it is carried out in Beijing and Shenzhen to verify the IP networking of low-power IOT terminals based on flexip. After evaluation, the storage cost of flexip protocol stack is 75% lower than that of IPv6 protocol stack, and the overall packet efficiency is improved by 50%. At the same time, the test also verifies the on-line endogenous security verification mechanism based on the built-in verifiable terminal identification in the network layer. Based on this mechanism, a lightweight trusted security architecture for low-power IOT terminals can be realized. This test is based on intelligent door lock, intelligent AP gateway, intelligent Ethernet switch, cloud intelligent door lock service platform and other networks and business units. The Shenzhen Branch of Ceni test facility provides secure encryption channels from Shenzhen and Beijing to the public cloud intelligent door lock service platform to ensure centralized and reliable management and maintenance of intelligent door lock in the cloud, The end-to-end interconnection and service interworking of flexip protocol are realized.
Smart door lock service is a typical Internet of things service. This experiment is a flexip Technology Practice for new Internet park. From the perspective of industrial development, the new Internet park network is showing three major trends:
First, one network to the end requires unified management and maintenance.
Internet of things terminal protocol is complex and diverse, such as Bluetooth, ZigBee and so on. These technologies can better solve the communication scenario in the domain, but the external communication usually needs protocol gateway conversion, which breaks the end-to-end connection and security mechanism of IP, and the cost of interworking management and maintenance is high.
Second, the Internet of things terminal resource constraints, the need for low-power, efficient bearer communication protocol.
Compared with traditional access devices such as PC and mobile phone, IOT devices are usually limited in resources, which requires low power consumption, low protocol stack overhead and high carrying efficiency in the communication process. When IOT device uses IPv6 address for communication, too large packet header will lead to low transmission efficiency and increase unnecessary transmission energy consumption.
Thirdly, the security boundary of the park has been broken, which requires a minimalist and efficient security scheme.
When employees leave the industrial park for telecommuting (such as remote control and maintenance) or partners enter the industrial park, attackers may sneak into the park, and the security policies based on location and IP address are no longer applicable. Moreover, the physical environment of massive IOT devices accessing the network is complex and diverse, which requires higher security. However, the existing security protocols require higher computing and storage resources for terminals and network devices, which requires a lightweight and efficient security and trust scheme.
The flexip energy-saving and trusted Internet Park scheme verified in this experiment is applied to the Internet of things, which can realize the endogenous security capability of one network to the bottom, short address low-power processing and forwarding, and lightweight.
Flexible addressing, IP one network to the end. Flexible variable length IP address can flexibly adapt to different terminal types, compatible with IPv4 and IPv6, reduce the gateway protocol adaptation and compatibility threshold through stateless transition, solve the additional resource overhead and network scalability problems of traditional protocol conversion gateway and other devices, and easily realize heterogeneous network interoperability.
Localized short address, support energy-saving processing and forwarding of Internet of things. In the actual transmission, the IP packet header of short address communication only carries the necessary fields (such as destination address, source address, etc.), which improves the transmission efficiency of load and meets the communication needs of Internet of things represented by sensor communication; Flexip supports stateless long short address translation at the gateway, which solves the extra resource overhead and network scalability problems of traditional protocol translation gateway and other devices.
Lightweight endogenous network security for massive IOT. The internal security mechanism of network layer, based on the verifiable ID design of symmetric cryptography, realizes IOT random verification technology, and achieves the goal of security, trustworthiness and automation; To achieve lightweight security verification and anti replay, improve network availability.
In the future, China Academy of information technology will cooperate with industry partners to carry out bold exploration and positive practice in 5g, Internet of things, industrial Internet and other fields relying on Shenzhen Branch of Ceni experimental facility, so as to further play the role of future network experimental facility as a pilot and demonstration, and lead network technology to set sail.
Editor in charge: GT