Architecture of Sovereignty Network

Abstract

Although the early design concept of the Internet was decentralized, the control of the basic technology architecture showed a strong centralized form. Therefore, it is imperative to put forward a new network architecture to meet the demand of future network development and realize decentralized management of domain names by technical means. Sovereignty network based on MIN Architecture proposed in this chapter effectively realizes multilateral co-management and co-governance of cyberspace, and ends centralized management under the single IP identifier. At the same time, it protects the network of all countries from the risk of DNS disappearance and blinding caused by the smear of ICANN root zone or hacker attack. Combining multiple security mechanisms, sovereignty network guarantee the endogenous security and reliability, which help to construct secure and private networks. With the construction of the sovereignty network, the co-governance and self-management of all parties in cyberspace can be truly realized.

Although the early design concept of the Internet was decentralized, but the current control of the basic technology architecture showed a strong centralized form. Therefore, it is imperative to put forward a new network architecture to meet the demand of future network development and realize decentralized management of domain names by technical means. Sovereignty network effectively realizes multilateral co-management and co-governance of cyberspace, and terminates centralized management under the single IP identifier. At the same time, it protects the network of all countries from the risk of DNS disappearance and blinding caused by the smear of ICANN root zone or hacker attack. With the construction of the sovereignty network, the co-governance and self-management of all parties in cyberspace can be truly realized.

3.1 Sovereignty Network

3.1.1 Definition of Sovereignty Network

The sovereignty network with the new architecture, is an identity centric national network that can be used to autonomously and controllable register, generate, manage and resolute the domain name of an identity of both natural person or corporate organization.

According to international regulations, cyberspace business is governed by Radio and Television laws which are stricter than telecommunications laws of various countries. The news release of telecom network is relatively arbitrary, which results in the large number of false information in the network, indicates that telecom is not enough in content supervision. The national broadcasting network represents the voice of the national government, and the supervision of its ideological field has always been the top priority for various departments or industries. Therefore, this book chooses the broadcast television network as a typical application scenario to deploy a completely autonomously managed sovereignty network with a new identity centric architecture that is safe, reliable, manageable, autonomous and intelligent.

3.1.2 Functional Requirements for Sovereignty Network

To build the sovereignty network, it is necessary to ensure that users within the network can access the Internet and obtain Internet content. At the same time, to conform to the tide of the future network development, the sovereignty network should provide new functions to support the new needs of users. While ensuring to provide rich content resources, sovereignty network also needs to provide higher security level than the existing network architecture.

The functional requirements of the sovereignty network are listed as follows:

1. (1)

   Multilaterally managed top-level identifiers to support connectivity.

2. (2)

   Identifiers belong to a state can be managed independently by the state. Each virtual cyberspace in a state is independent of each other.

3. (3)

   The classification user management should be supported. According to users of different ages and jobs, the classification user purview control mechanism ensures a clean and safe network environment.

4. (4)

   Users can access their authorized Internet content. For example, the production and broadcasting staff can access all contents on the Internet except codes and software, and ordinary adult users can access all non-sensitive contents on the Internet, but ordinary minor users can only access specific resources.

5. (5)

   The sovereignty network can support 5G requirements and provide both wired and wireless data transmission.

6. (6)

   The security of resources and content data within the sovereignty network should be guaranteed, that is, the sovereignty network should effectively prevent existing network attacks (such as worms and malicious traffic), as well as ensure the stable operation of the system.

7. (7)

   The production and broadcasting network of radio and television programs can run online in real time.

8. (8)

   The sovereignty network can provide a better user experience for watching videos, such as faster video acquisition rate and more stable video playback.

9. (9)

   The electronic games, e-commerce, voice calling, video calling and other services should be supported.

10. (10)

    The content within the sovereignty network can still meet the basic user needs after being physically isolated from the Internet, that is, users can still access some previously accessed contents published on the external Internet.

11. (11)

    Users in the sovereignty network can publish content actively.

12. (12)

    The sovereignty network should support various functions, such as video live broadcast, on-demand broadcast, playback, doubling speed and time-shifting, just like the existing system.

13. (13)

    Other basic businesses.

3.2 Existing Technologies

3.2.1 IPv9

Now some researchers use IPv9, namely the decimal network, to design the sovereign network. The decimal network is a modified version of the IETF proposal by Mr. Jianping Xie, director of the Shanghai General Chemical Research Institute.

The decimal network system is mainly composed of the IPv9 address protocol, IPv9 header protocol, IPv9 transition protocol, digital domain name specification and other protocols and standards. The digital domain name refers to the use of 0–9 Arabic numerals instead of traditional English letters as the name of domain name. The digital domain name, which is a part of the decimal network system, can also be used directly as the IPv9 address [1].

IPv9 protocol requires to use 0–9 Arabic numerals as the virtual IP address, and use the decimal system as the text representation method, which is easy to find the Internet users. To improve the efficiency and convenience for the use of end users, some addresses can be directly used as domain names. Since IPv9 classifies and codes the services of the original computer network, cable broadcast network and telecommunication network, IPv9 is also known as the “new generation of secure and reliable information integration protocol”.

The decimal network refers to a new network using the decimal algorithm and text representation method. It connects various computers using decimal algorithm into a network, and can be intercommunicated with the existing network.

The decimal network system uses decimal, multi-protocol in the domain name system to map English, Chinese and other domain names to globally unique IP addresses. Besides, IPv9 established a distributed root domain name system, introducing the concept of country and region, so that each country has its root domain name system, in order to establish and maintain its status and image as a sovereign country on the Internet.

IPv9 increases the address length of IP from 32 and 128 bits to 2048 bits to support more address levels, more addressable nodes, and provide a simple automatic address configuration. At the same time, the 32-bit address length of IPv4 is reduced to 16 bits, which solved the cellular communication problem in mobile communications. IPv9 addresses specify 256-bit identifiers for interfaces and interface groups, and can be divided into three types. The three types of addresses are as follows:

1. (1)

   Unicast: A single interface has an identifier. The package sent to a unicast address is passed to the interface identified by the address.

2. (2)

   Arbitrary VoD: Generally, a group of interfaces belonging to different nodes have an identifier. The package sent to an arbitrary VoD (Video-On-Demand) address is passed to the interface identified by the address and measured according to the distance of routing protocol.

3. (3)

   Multicast: A group of interfaces belonging to different nodes generally have an identifier, but the package, which is sent to a multicast address, will pass all interfaces of that address. There is no broadcast address in IPv9, and its function is replaced by the multicast address.

There are five types of IPv9 addresses:

1. (1)

   IPv9 address: This address takes the form Y[Y[Y [Y[Y [Y[Y [Y], where each Y represents a decimal integer between 0 and 2³².

2. (2)

   IPv9 addresses compatible with IPv4: This address takes the form of Y[Y[Y [Y[Y [Y[Y [D.D.D.D, where each Y represents a decimal integer between 0 and 2³², and each D represents a decimal integer between 0 and 2⁸ from the original IPv4.

3. (3)

   IPv6 compliant IPv9 addresses: This address takes the form Y[Y[Y[Y [X:X:X:X:X:X:X:X. Where each Y represents a decimal integer between 0 and 2³², and each X represents a hexadecimal number between 0000 and FFFF from the original IPv6.

4. (4)

   Special compatible address.

5. (5)

   Full decimal address: For the convenience of logistics code and full decimal address application.

IPv9 has the following characteristics:

1. (1)

   IPv9 adopts fixed-length and non-positioning methods like the telephone, which reduces the network overhead.

2. (2)

   IPv9 adopts a specific encryption mechanism to ensure the network security. The IPv9 network is more secure because IPv9 has more addresses, more address modes (variable length, and unique IP address encryption technology), and more IPv9 extension header definitions. The address header, message and protocol number information are not disclosed, but have their system. Even if the protocol is disclosed, only the civilian part will be disclosed, and the military part will be decided by the army. Compared with IPv9, various security measures in the IPv4/IPv6 network system cannot be decided by themselves, and it is still difficult to guarantee security despite IPv4/IPv6 uses IPsec (Internet Protocol Security), SSL (Secure Sockets Layer), and other measures. Theoretically, it is more difficult to crack the special protocol than the cryptographic algorithm. Besides, according to the current IPv4/IPv6 standards, 32-bit/128-bit addresses cannot be encrypted due to the loss of destination.

3. (3)

   IPv9 adopts the TCP/IP protocol of absolute code class and long stream code, which solves the contradiction between audio and video transmission in packet switching circuit. IP addresses can be used as domain names, which suit the mobile phones and family wide-band network.

4. (4)

   IPv9 has an emergency category, which can ensure unblocked of transmission lines in the case of war and national emergencies. In addition to ciphertext transmission of network communication, the IPv9 protocol also sets the emergency bit due to its protocol standard. In the case of partial destruction of military network in wars, relevant civilian routers can be urgently requisitioned, then routing tables are modified through router broadcasting, so as to achieve the purpose of war requisition.

5. (5)

   As IPv9 adopts a point-to-point circuit, the protection of user privacy is strengthened.

6. (6)

   IPv9 is especially suitable for wireless network transmission.

In addition to the above features, IPv9 is also independent of the original IPv4 and IPv6 network, so the network security and information security can be independently controlled and managed by the new architecture. As a result of independent networking, relevant departments can develop public information services independently and flexibly according to national policies. This is conducive to the development of Chinese information retrieval in the future based on advanced application business system expansion.

In order to comply with user habits, IPv9 is compatible with both IPv4 and IPv6. On the one hand, IPv9 has realized the function of using IPv4 as a tunnel to carry data transmission between two IPv9 subnets. On the other hand, they have also realized the function of using IPv9 as a tunnel to carry data transmission between two IPv4 subnets. In this way, the interconnection between IPv9 and IPv4 is achieved.

The main advantages of IPv9 are as follows. Firstly, IPv9 has an independent intellectual property system and huge cyberspace resources. Secondly, the decimal network system can translate the original binary address directly into decimal text, which is compatible with users’ daily habits. Thirdly, IPv9 comes up with a design scheme, that the domain name and IP address are integrated, as well as the identity code of people and objects is unified. That makes the telephone, mobile phone, domain name and IP address, IPTV, IP phone and so on merge into one number. In this way, the translation process between network domain name and IP address is avoided, which makes the network communication fast and direct, and improves the communication capability of existing network switching equipment. Fourthly, by using specific encryption mechanisms, IPv9 guarantees network security. Fifthly, from the standpoint of safeguarding sovereignty, IPv9 firstly proposes the concept of “sovereignty equality” of cyberspace. The proposed decimal, multi-protocol digital domain name system is compatible with English, Chinese and other domain names that are mapped to globally unique IP addresses.

Although IPv9 has many advantages, there are many criticisms about it in the industry, which are listed as follows:

1. (1)

   The base bits of source addresses and destination addresses used in IPv9 messages are 256 bits, and the maximum is 2048 bits. The 256-bit address space is 2²⁵⁶, and the total number of atoms of ordinary matter in the observable universe is about 10⁸⁰. Its address space is comparable to the total number of atoms of ordinary matter in the observable universe. Using 256 bits as an address space is big enough, and 2048 bits is unimaginable. The actual network does not need such a large amount of address space.

2. (2)

   The address space of IPv9 is too long leading to the problem of inefficient use of address space. There will be a lot of idle addresses without being effectively used.

3. (3)

   Since IPv9 uses the source address and destination address with a 256-bit base bit, which leads to the large message header, and causes many problems in network transmission efficiency and congestion control. An IPv9 header is always required for transmission even for very small data, resulting in low network transmission efficiency. Moreover, the current size of the Ethernet frame based on IPv4 and IPv6 is 1500 bytes. If the IPv9 header takes up too much space, the amount of data transmitted by each frame will be reduced.

4. (4)

   The memory and computing capacity of devices in the Internet of Things and Industrial Internet is limited, and the storage space is usually less than 10 KB. IPv9 with a long header for data transmission is difficult to meet the application requirements of the Internet of Things and other scenarios.

5. (5)

   IPv9 requires that each link on the Internet has an MTU of at least 576 bytes. On any link, if it cannot transmit 576 bytes of data in a data packet, link-related data segments and reassembly must be supported at a level below IPv9.This undoubtedly increases the data processing pressure of the link layer.

6. (6)

   IPv9 directly uses the address as the domain name for content requests, and it has a huge domain name address. How to quickly search, match and forward content requests on the router will be a problem.

7. (7)

   The naming and addressing method used in IPv9 is a big challenge in searching and addressing quickly with huge amounts of identifiers. At the same time, the geographical location addressing scheme proposed by IPv9 requires the conversion of IP address and geographical location address. As the geographical location address and IPv9 address are both long, it is also a challenge in quick search.

8. (8)

   IPv9 adopts a new “decimal” address format, which is different from IPv4 and IPv6, resulting in a barrier to its connection to the Internet.

9. (9)

   IPv9 does not guarantee actual security of the network. The purpose of the TCP/IP protocol family is to help computers in different networks (such as Ethernet, token ring, FDDI, ATM, etc.) to communicate with each other in a virtual “common network”, different protocols are realized differently. Therefore, IPv9 is essentially a different version of the protocol derived from the same technology and different conventions as IPv6. IPv9 does not avoid the inherent defects of IPv4 and IPv6.

10. (10)

    There is no broadcast address in the IPv9 protocol, so the multicast address is used instead of the broadcast address. Using IPv9 to construct a sovereignty network will result in the limitation of real-time, extensibility and flexibility of data transmission.

3.2.2 New IP

In order to support emerging network applications, Huawei Technology Co., LTD. [2] proposed a new protocol framework called “New IP” in 2019. New IP aims to fundamentally support the variable-length, multi-semantic address in network layer and allows user to define and customize networking behavior [3].

New IP studies the following four functional requirements and four performance requirements proposed by four target scenarios of future network 5.0, including ICT infrastructure, industrial Internet, mobile carrier, and holographic communication.

The four functional requirements mainly include endogenous security, network programming and predictable performance, perception and controllable based on large connections, and ubiquitous mobility support.

Traditional security mechanisms mainly protect the system against known vulnerabilities and threats. Different from them, the goal of endogenous security mechanisms is to establish a complete set of endogenous security architecture for the future network. The system should not only guarantee the trustworthiness of communication entities and network infrastructures, but also guarantee the authenticity, suitability, privacy, integrity and confidentiality of end-to-end communication, as well as provide certain availability in case of network failure and attack.

Different applications have different requirements for network transmission quality. According to the characteristics and requirements of different applications, the future network should provide planned, predictable, customizable and differentiated access and transmission rules based on deterministic network behavior. In this way, the service quality of certainty and differentiation is guaranteed.

Perception and controllable beyond large connections refer to the overall consideration of network connections, storages and computing resources under the premise of the explosive growth of the number of communication links caused by the increase of scale and complexity of communication entities.

In the IoT era, classes of business are complex and diverse leading to mobility requirements. Mobility support is also required for some large connection services, so the future network will require efficient, high-speed, large-connection-based mobile communication schemes.

The requirements of the four performances are mainly measured in terms of bandwidth, delay and jitter, packet loss rate.

Based on inheriting existing IP capabilities, the researchers of New IP have proposed many prospective technologies for future needs. New IP aims to provide deterministic network technology and protocol with low delay, security and privacy, connection of everything [4] for the industrial Internet, which is mainly based on future intelligent machine communication. New IP promotes the continuous evolution of network protocols, and supports the technical requirements of 6G and other future businesses. At present, the main research points of New IP [2, 5] are listed as follows:

1. (1)

   The address length of New IP is flexible and variable, which provides diversified routing and addressing schemes. In this way, problems caused by the fixed-length address and the single topology routing mode in the traditional IP network are alleviated. This flexible routing solution satisfies the low consumption of IoT devices through short-address addressing, adapts to the highly dynamic nature of satellite networks through geographic routing, and achieves optimized services in edge computing scenarios through a service-based routing scheme. Flexible and diversified addressing schemes enable New IP to be applied to a variety of heterogeneous cyber scenarios, to realize the interconnection of all things on the Internet.

2. (2)

   Based on reusing the traditional IP network, New IP tries to add a deterministic forwarding mode beyond the current “best effort” service mode. End-to-end deterministic service capabilities are provided at the network layer to ensure deterministic low latency and jitter for specific traffic flows. Through this mode, many future applications with stringent requirements for network service quality assurance will be satisfied, such as intelligent manufacturing, telemedicine, autonomous driving and so on.

3. (3)

   The original Seven Design Principles of IP network did not include security factors. The current IP network is vulnerable to address forgery, privacy exposure, DDoS attacks and other security threats. Based on the STRIDE security model (represents six security threats including Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service and Elevation of Privilege), New IP analyzes and studies the network architecture to build the endogenous security mechanism, which can ensure user privacy. Through the construction of a solid distributed trust foundation, the demand for privacy protection represented by GDPR (General Data Protection Regulation) and the demand for security and trust of industry interconnection can be met.

4. (4)

   To alleviate problems of current transport protocols such as insufficient bandwidth utilization, inability to perceive application requirements and network status and so on, New IP proposes a new transport layer architecture combined with concurrent multi-channel transmission, network coding and cross-layer collaboration mechanism. For future applications such as holographic and full-consciousness communication and AI video processing, New IP can realize ultra-high flux, super-large data burst and differentiated service transmission of business flows.

5. (5)

   New IP explores a user definable network architecture. By carrying instructions and metadata information in messages, users can express more fine-grained and diversified business requirements to the network, such as qualitative transmission and synchronization between multiple business streams. Different from the traditional IP network that can only meet user needs of topology addressing, the New IP can customize data packets according to user definable instructions to support more complex business scenarios in the future.

Although New IP meets the needs of variable-length, multi-semantic address in the network layer and provides a user-customized network as a new architecture, there are many criticisms in the industry due to privacy security, free access and other issues.

3.3 Architecture of Sovereignty Network

3.3.1 Framework

Given the above background and functional requirements, the self-designed architecture MIN (Multi-Identifier Network) [6, 7] is adopted as the main architecture of the sovereignty network. In this book, we use a broadcast television system as the application case to introduce the operational process of the sovereignty network.

There are two primary deficiencies of the existing IP architecture: (1) There is the risk of centralization because IP addresses and Domain Names are allocated and managed by a single agency. (2) The semantic overload of IP addresses reduces its scalability and mobility, which further hinders the security of the system. Global community requires a new form of co-governing network.

To solve the two primary deficiencies of the traditional network, we propose a sovereignty network based on Multi-Identifier Network (MIN) architecture. MIN decentralizes the management of post-IP identifiers by using consortium blockchain with real identity registration [8]. Moreover, MIN is a revolutionary network architecture supporting the coexistence of multiple Network Identifiers, including identity, content, service, geographic information, and IP address, etc. At the same time, MIN supports the compatibility which implies that MIN can be deployed directly over existing IP networks and will gradually replace the IP network by naturally substituting IP traffic with traffic of other identifiers. The primary identifier in MIN is identity. Each resource should be bound to an identity when being uploaded or published.

Sovereignty network uses Multi-Identifier System (MIS) as its management plane. MIS manages users and identities within its domain and balances individual privacy protection and operators’ management with cryptography. MIS has a top to bottom hierarchy: the top domain were implemented by countries through consortium blockchain to achieve MIN co-governing. Each subordinate domain is managed by the corresponding country or organization to ensure systemic security and flexibility in a low-coupling way, as well as the particularity and customization among different domains. Multi-Identifier Router (MIR) is the core equipment of MIN, providing identifiers inter-translation and routing services.

In the MIN network, the function of a complete node is to participate in the in-domain user management and identifier registration on the blockchain, as well as provide services such as identifier transformation and identifier addressing; those nodes are called multi-identifier routers. Besides, there are regulatory nodes, individual users, and enterprise users in the network. The supervisor node is set up in each domain as an interface for data access between the upper and lower domains. Supervisor node takes the charge of multi-identifier, such as identity, content, service, geographic information, and IP address.

We describe the MIN network with a four-layer architecture shown in Fig. 3.1, and our work focuses on the application layer MIS and multi-identifier layer MIR.

Fig. 3.1

The architecture of sovereignty network based on MIN

The function of MIS is responsible for the generation and management of multiple identifiers. The identifier is sent to the supervisor node. After verification and consensus reached by the Consensus Algorithm, its attribution information and operation information will be recorded on the blockchain. Blockchain technology makes the content of the whole network unified and traceable, and prevents content from being illegally modified. The application layer is mainly managed by MIS, which divides the whole network into hierarchical domain networks from top to bottom. Its role in MIN is similar to DNS in the IP network, but DNS functions are only a subset of MIS. Each node of MIS holds a complete identifier database for its domain.

The multi-identifier layer provides resolution service for identifiers, and is also responsible for packet forwarding and filtering. It supports tunnel transmission (IP-MIN-IP, MIN-IP-MIN) and mutual accessing (IP-MIN, MIN-IP) between various identifier scenarios. Each MIR maintains a library of recently used identifiers. Besides there are some technologies proposed by authors to improve the performance, such as HPT-FIB algorithm improving the efficiency of multi-identifier translation and addressing, Hyperbolic Routing model supporting addressing in large scale network, and Transmission Control scheme guaranteeing high quality service.

One of the differences between the sovereignty network and the IP network is the MIN’s security mechanisms. Users register with their personal identity information, such as ID cards, mobile phone numbers, fingerprints. User registration information will be stored in blockchain nodes for subsequent user management. New users have to register with their real identities to access the sovereignty network. Then they can actively publish content in the sovereignty network. But the blockchain system will record a behavior log for each user. Besides, there are a set of security mechanisms in the sovereignty network, such as content retrieving mechanism by blockchain, identity authentication mechanism based on cryptography, the multi-identifier router with content audit procedures, cyberspace mimic defense (CMD), and distributed storage system with endogenous security to guarantee the security of data backup. The security of MIN is analyzed in the third part of the next chapter.

Based on the above architecture, we propose a multilateral co-governing sovereignty network. As a future network architecture, MIN was granted as a World Leading Internet Scientific and Technological Achievements of the 6th World Internet Conference at Wuzhen, China, in 2019. The proposed architecture has been implemented in the operators’ network to test the multi-identifier management functions and VoD function of network transmission. Through the above prototype and experiments, its compatibility with the IP network and progressive deployment has been verified.

3.3.2 Multi-identifier System

MIS divides the whole network into hierarchical domains from top to bottom. The nodes in the top-level domain belong to the organizations of the major countries which jointly maintain a consortium blockchain. The respective regional organizations govern the other domains. Among them, the registration and management mode of identifiers and the specific implementation details can vary. This low coupling guarantees the security of the network and enables customization of each domain [8]. MIS subsystem realizes the storage and co-governance of user information and identification through blockchain technology. Main modules of MIS are listed as follows:

1. (1)

   User registration module. After receiving a user registration request from the client, the request is voted by multiple consortium nodes. If consensus verified, each blockchain node will store the user registration information in a local database and store the registered user information in a user information table.

2. (2)

   User query module. After receiving the query request from the client, this module will query the user information from the user information table and return it to the client.

3. (3)

   Identifier generation module. After receiving a content publishing request from the client, the request is voted by multiple consortium nodes. If the consensus is successful, each node of the blockchain stores the network identity and real address in the local database and transmits them into the mutual translation information table.

4. (4)

   Identifier querying module. After receiving the client’s identifier querying request, this module queries the corresponding real address of the network identifier from the HPT-FIB table and returns it to the client.

The registration process is as follows:

1. (1)

   Step 1: The user who owns the resource submits a request for identifier registration to the node of a regulatory organization.

2. (2)

   Step 2: After receiving the user’s request, MIR transmits the registration data to its corresponding domain according to a specific routing protocol.

3. (3)

   Step 3: The blockchain node of the corresponding domain reviews the compliance of the resource after receiving its identifier registration request. If so, the resource’s identifier is then voted by all the blockchain nodes in the domain to reach a consensus.

4. (4)

   Step 4: The blockchain node then returns the registration result to the original requesting node. Since the complete identifier information is stored in the off-chain database rather than the on-chain block, all databases are synchronized frequently throughout the network to ensure consistency.

MIR’s process to resolve the identifier is as follows:

1. (1)

   Step 1: MIR judges that the identifier is (1) IP address, then query in HPT-FIB. If it exists, it will be resolved. Otherwise, access the traditional IP network through proxies; (2) identity, content and other identifiers, then query in the cache and HPT-FIB. If it exists, it will be resolved. Otherwise, go to Step 2.

2. (2)

   Step 2: If MIR cannot find the identifier, recursively query the upper domain until acquiring it.

3. (3)

   Step 3: If the identifier is not found up at the top-level domain, then query the lower domain according to the information carried by the identifier until the lowest domain. If it exists, MIR will return the resolved result. Otherwise, return an error message.

In MIN, users’ behaviors of publishing and accessing are protected and managed by MIS, and the blockchain undeniably records illegal actions. Only approved content is allowed to be published. At the same time, different identifiers can be defined by different sovereignty subnetworks. The application for an electronic visa for translation between identifiers and content communication between different sovereignty networks of different countries is completed by the blockchain. MIS credibly records transaction history which can be tracked and queried. Thus, MIS ensures that user information and behavior cannot be tampered with and non-repudiation [9].

Therefore, MIN will make the cyberspace in an orderly and secure state, which will direct traffic to the post-IP multi-identifier network tied to the user’s identity. The framework of MIS is shown in Fig. 3.2.

Fig. 3.2

The framework of MIS

3.3.3 Multi-identifier Router

The data plane is mainly composed of switches and MIRs. As the core equipment of the data plane, MIRs are mainly used for identifier inter-translation, routing and addressing, content filtering, data protection, and other functions. To fit different scenarios, MIR supports multiple network identifiers and multiple transmission modes simultaneously. Multiple identifiers include identity, content, service, geographic information, IP address, and other variants. Various transmission modes include the “push” mode represented by IP network architecture and the “pulling” mode represented by Content Centric Network (CCN) architecture.

Due to the large scale of the existing IP network, it cannot be replaced by the new network architecture in one day. Many of the network protocols above the network layer in IP networks are not directly compatible with the content centric network architecture. First, TCP is an end-to-end protocol that communicates through IP addresses and port numbers, which contradicts CCN’s content-based philosophy. Second, in CCN, communication is a user-initiated process of “pulling” the required data. However, in TCP, it is a “push” process in which the sender sends data, and the receiver replies to the acknowledgment message. The two are fundamentally different in semantics. Third, TCP ensures reliable end-to-end transmission, which CCN does not address.

To realize the progressive deployment, TCP and CCN need to communicate mutually in MIN. The MIR scheme is divided into two parts, including the IP network compatibility scheme and the development of new network architecture. A comprehensive transmission scenario should be considered, including IP-MIN-IP, MIN-IP-MIN, IP-MIN and MIN-IP.

1. (1)

   The tunnel between IP-MIN-IP. This module imitates the idea of using IPv4 as a tunnel to transmit IPv6 packets to realize a tunnel of the MIN network. The tunnel enables the MIN network to transmit IP packets, which provides a compromise for the progressive deployment of sovereignty networks whose transmission process is similar to MIN networks. The architecture of this module is shown in Fig. 3.3. The tunnel agent module is deployed on several agent nodes, each of which is both an IP node and a MIN node. One side of the agent node is the IP network, and the other side is the MIN network. The IP network domains in each test are isolated from each other. The communication between them is completely dependent on the packets forwarded by each agent node to each other. For the nodes in the IP network, the tunnel is transparent. The communication mode of IP nodes between different domains is the same as the traditional IP communication mode. This tunnel module is only responsible for transporting packets from one domain to another.

   Fig. 3.3

   

   Connection of IP-MIN-IP transmission

2. (2)

   The tunnel between MIN-IP-MIN. Because the IP network adopts bidirectional “pushing” architecture, this module can directly use the function of transmitting MIN packets with TCP packets as an example. The principle is shown in Fig. 3.4.

   Fig. 3.4

   

   Connection of MIN-IP-MIN transmission

3. (3)

   The tunnel between IP-MIN. IP-MIN communication means the transmission process that the host sending the request is in the IP network and the data it requests is in the MIN. Its architecture is shown in Fig. 3.5. The module is installed on the MIR at the junction of MIN and the IP network to obtain data from MIN for all IP nodes that can communicate with. This module communicates with the IP node through TCP protocol and pulls data from the MIN node through the exchange of interest packets and data packets.

   Fig. 3.5

   

   Connection of IP-MIN transmission

4. (4)

   The tunnel between MIN-IP. Its architecture is shown in Fig. 3.6. This module is installed on the MIR router at the junction of MIN and IP network, which helps MIN nodes in the same domain pull files from the IP network.

   Fig. 3.6

   

   Connection of MIN-IP transmission

The data transmission of the bottom layer of MIN is similar to Information Centric Networking (ICN) [10]. Communication in ICN is driven by data consumers. There are two types of grouping in ICN including interest packets and data packets [11, 12] shown as Fig. 3.7.

Fig. 3.7

Packet types [11]

All data transmission in the MIN network is carried out through these two groups.

3.3.4 Security Situation Awareness System

With the increase of network scale and complexity, the attack technology is constantly innovated, and a large number of new attack methods emerged. In recent years, a variety of security incidents emerged in endlessly. Usually, enterprises need to react until the attack happens, which is difficult to prevent beforehand. Because security regulators cannot control the security situation of the enterprise in real time, they cannot take effective measures in the early stage of threat formation to avoid loss [13].

Security devices, such as firewalls, WAF (Web Application Firewall), IDS (intrusion detection system) and UTM (Unified Threat Management), are deployed independently in enterprises, governments, and financial institutions. So, they handle security incidents independently based on their device capabilities. At present, many security attacks or penetrations are combined or simulate normal access behavior, such as CC (Challenge Collapsar), APT (Advanced Persistent Threat) attacks, etc. This kind of attack threat cannot be protected or identified by a single system, so it needs to be unified protected by association and analysis of multi-system. Therefore, the security state of the entire network and its trend should be attention by network security personnel.

In addition to the endogenous security architecture [14] of the sovereignty network, a MIN security situational awareness system combined with blockchain has been designed and completed to further ensure the security and control of the network. The network status is monitored in real time by the proposed system, which is deployed on the boundary router of MIN. The proposed system senses the security threats that exist at all levels of the server in real time. Specifically, advanced machine learning, deep learning and high-performance computing models are combined to improve analysis efficiency and accuracy. On the other hand, blockchain technology is combined to latch and accurately locate events. The system can help network analysts assess the risk profile and predict future trends (Fig. 3.8).

Fig. 3.8

The architecture of security situation awareness system

The system is divided into three layers including a data collection module, data processing module, and situation assessment module. The data collection module monitors and collects real-time traffic of the network, as well as detects and collects abnormal data of the IP and MIR through the NetFlow tool and TCP dump. The data processing module analyzes, classifies, extracts, and stores the collected data with the Kafka and Scapy. Besides, deep learning algorithms and machine learning algorithms based on single vector machine classification are combined to improve the efficiency of the process. For the host detection, we adopt a comprehensive feature database for testing whose characteristics of library can detect 84 kinds of common abnormal behavior to effective capture of attackers. Then the data will be analyzed with AI technology immediately. According to the result, abnormal traffic and events are recorded and reported to the administrator. The situation assessment module is responsible for assessing and predicting the security situation of the system in real time. The critical security information will be fed back to the administrators to adjust the defending strategy.

Besides, all abnormal events are locked in the PPoV_blockchain to ensure that the record of security threat events is not tampered with, and the attacker’s behavior trajectory cannot be erased, which ensures the integrity of the system security log and further improves the security of the system itself.

The security situation awareness system integrates various security technologies such as packet processing technology based on big data, AI modeling, blockchain, and Cyberspace Mimic Defense. These technologies help decision-makers understand the system security situation in real time. The security situation awareness system traces network behavior and supervises the whole traffic in the global domain to guarantee the security of MIN.

3.4 Processes in Sovereignty Network

The sovereignty network supports a variety of functions, each of them is described in this section with selecting Broadcast TV network as a typical application scenario.

3.4.1 Registration Process

Users need to authenticate and register with real information such as ID number, mobile phone number, and face when they register a MIN account. The system uploads and stores user information in the blockchain. The user registration interface is shown in Fig. 3.9.

Fig. 3.9

Registration interface

3.4.2 Publishing Content by Ordinary Users

In the sovereignty network, the core production and broadcast network can publish video, audio and other content, authorized users can also publish content. The content filmed or produced by the authorized user is transmitted to the blockchain node for voting. If the vote is approved, the content can be published on sovereignty networks. The process of authorized users to publish content is shown in Fig. 3.10.

Fig. 3.10

Ordinary users publish content

1. (1)

   Authorized users log into the network with fingerprint, iris and face.

2. (2)

   After authorized users have logged into the network successfully, they can send the content to be published to the blockchain node. The blockchain node can be deployed on an ID-ICN router, or it can be deployed as a separate server.

3. (3)

   Vote on blockchain. After a vote has been passed, authorized users can publish the content. Information about users and their published content will be stored in the blockchain.

4. (4)

   The user successfully publishes the content. Users can publish content in a distributed storage system with endogenous security or in a localhost.

3.4.3 Publishing Content by Broadcast Network Staffs

Another major source of content published on the sovereignty network is the production and broadcast network, which is shown in Fig. 3.11.

Fig. 3.11

Staffs of the production and broadcast network publish content

1. (1)

   Staffs of the Production and Broadcasting Network obtain content resources from the Internet through Edge Multi-Identifier Router (EMIR) of the sovereignty network.

2. (2)

   Staffs of the Production and Broadcasting Network will produce the content and then publish the content to the network.

3. (3)

   The content reached the Edge ID-ICN router EMIR node is sent to home or business users.

3.4.4 Obtaining Content by Ordinary Users

Enterprise users and home users are collectively referred to as ordinary users. The process of ordinary user gets data can be divided into two classifications. The first is that the data provider is on the IP network. When the ordinary users of the sovereignty network acquire data for the first time, they need to obtain data from the IP network through EMIR. The data transmission process is shown in Fig. 3.12.

Fig. 3.12

Ordinary users obtaining content from IP network

1. (1)

   Ordinary users in the sovereignty network log into the network with fingerprint, iris, face, etc.

2. (2)

   After ordinary users have logged into the network successfully, they can send content requests to MIR, and MIR sends the request to EMIR. Or ordinary users can directly send the request to the EMIR connected to it. The user and corresponding requested content will be recorded by blockchain nodes.

3. (3)

   EMIR reviews the permissions of users in content requests. Its audit method mainly by the following two kinds. One is to record user information in the signature, and EMIR verifies whether the content requested by the user conforms to the scope of authority. Another option is to add a permission domain to the interest packet. EMIR verifies that the content requested by the user conforms to the permission scope based on the permission domain, which can control the scope of its access content according to different levels. The permission information is shown in Table 3.1. If the requested content exceeds the user’s permission, the request is discarded. While it is within the permission, then proceed to the next step.

   Table 3.1 The permission domain levels

4. (4)

   EMIR extracts content information of content request, and then requests the content from the IP network in the traditional way.

5. (5)

   Content providers provide the requested data to EMIR in the traditional way.

6. (6)

   EMIR preliminary audit data with filtering technology, such as keyword filtering, AI classification and identification.

7. (7)

   EMIR encapsulates the requested data in packets of the identity centric network, and then returns them to ordinary users according to the path of the content request.

The second situation of the ordinary user acquiring data is that the content provider is within the sovereignty network (the content publisher is the sovereignty network user). Or the requested content has been cached in the nodes of the sovereignty network, that is, users themselves or other users have requested the same content before. Hence the data can be directly obtained within the sovereignty network. The data transmission process is shown in Fig. 3.13.

Fig. 3.13

Ordinary users obtain content from the sovereignty network

1. (1)

   Ordinary users in the sovereignty network log in using fingerprint, iris, face, etc.

2. (2)

   Then ordinary users send requests to network nodes or EMIR within the sovereignty network.

3. (3)

   If the sovereignty network node or EMIR has cached the requested content, the content is directly returned to the user. Otherwise, the data will be requested from the original data and returned to the requesting user.

3.4.5 Obtaining Content by Broadcast Network Staffs

Staffs of the Production and Broadcasting Network obtain resources from the IP network for producing and publishing. Therefore, they access resources mainly through the IP network. The process of data processing is shown in Fig. 3.14.

Fig. 3.14

Staffs of the production and broadcasting network obtain content

1. (1)

   Staffs of the Production and Broadcasting Network log in with the fingerprint, iris, face, etc.

2. (2)

   Then the staff sends a content request to MIR, and MIR sends the request to EMIR. Or the staff can directly send the request to the EMIR connected to it. The staff and corresponding requested content will be recorded by blockchain nodes.

3. (3)

   EMIR verifies the permissions of the staff in the content request. If the requested content exceeds the staff’s permission, the request will be discarded. If it within the permission, we proceed to the next step.

4. (4)

   EMIR extracts content information of content request, and then requests the content from the IP network in the traditional way.

5. (5)

   Content providers provide the requested data to EMIR in the traditional way.

6. (6)

   EMIR preliminary audit data with filtering technology, such as keyword filtering, AI classification and identification.

7. (7)

   EMIR encapsulates the requested data in data packets of the identity centric network, and then returns them to the staff according to the path of the content request.

8. (8)

   Staffs of the Production and Broadcasting Network produce and publish contents according to the returned data.

3.4.6 Assessing to Sovereignty Data by Extranet Users

Users in the sovereignty network can access to data in the IP network, and users or attackers in the IP network can also access the sovereignty network. However, to guarantee the security of the sovereignty network, EMIR strictly examines active requests from the external IP network. The process is shown in Fig. 3.15.

Fig. 3.15

EMIR examines active requests from the external network

1. (1)

   IP users send requests to EMIR.

2. (2)

   EMIR review request packets.

3.4.7 Signature Algorithm in MIN

When the data is transmitted in the MIN based on Identity Centric Network (ICN), each data packet will be signed and decrypted, which is shown in Fig. 3.16.

Fig. 3.16

The process of signing and decrypting

1. (1)

   When issuing ICN packets, the content publisher uses some hash function to calculate the hash value of the packets.

2. (2)

   The specific signature algorithm is used to sign the hash value with the user’s corresponding private key (i.e., the private key is used to encrypt the hash value asymmetrically). The signature can be appended to the end of the packet or placed between the content name and the data block.

3. (3)

   The content publisher sends the signature and packet together to the content requester.

4. (4)

   Then the requester separates the data signature from the packet. The packet is used to calculate its hash using the same hash algorithm as the content publisher.

5. (5)

   The public key, hash value and signature of the content publisher are used to verify the data integrity and reliability of the signature. If the validation passes, the packet is received; otherwise, the packet is discarded.

3.5 Assessing the Security of Sovereignty Network

3.5.1 Anti-attacking Analysis

One of the main usages of the sovereignty network is to construct secure and private networks. How to ensure the security of the kernel private network is an important issue to be considered in the construction of a sovereignty network. The sovereignty network based on blockchain technology will guarantee the security and reliability from three aspects: identity centric networking, audit filtering mechanism, and endogenous security mechanism.

1. 1.

   Identity Centric Networking

Firstly, the sovereignty network is an identity centric network and it does not rely on IP system. All attacks against IP constructed by using IP security defects are invalid in the sovereign network. Secondly, the public key is used to sign each packet. Thirdly, because the identity centric network is driven by data consumers, only content that has been requested can be sent to consumers, and content producers cannot actively send data. If the external network wants to send the request or the attacker wants to send the data actively, they need to crack the signature of the consumer. The cracking process is mainly to crack the related cryptography algorithm. The attack difficulty of existing encryption algorithms has reached exponential level. For example, the most common RSA algorithm would take decades to run on today’s highest performance supercomputers. Besides, user information, user behavior information is stored in the blockchain in identity centric network. If there is a problem with the published content or the requested content, it can be accurately located to the individual to ensure that the behavior and resources can be managed and controlled.

1. 2.

   Audit Filtering Mechanism

Starting from EMIR, the sovereignty network will set up filtering functions such as firewall, packet detection, text recognition, audio recognition detection, image and video recognition detection, and natural language processing at each MIR where the packet will pass. These filtering functions will filter the harmful data. If attackers want to attack the core network, they need to attack each filtering MIR on the link in turn. An attacker walks along the attack chain taking one step down the chain each time when breaks through a filter. If the attackers are caught by a filter, they move one step back along the attack chain. Through the multi-layer filtering mechanisms, the spread of attacks is effectively prevented in the network.

1. 3.

   Endogenous Security Mechanism

The core equipments of the sovereignty network are constructed with the Cyber Mimic Defense (CMD) architecture which has endogenous security characteristics. In the field of cyber defense, similar to the biological mimic defense, CMD changes its architecture under the premise of its service function and the target object, which improves the difficulty of attack. The common architecture reconfigures the internal structure, redundant resources, operating system, core algorithm, and environment to avoid the unknown back door or Trojan virus. Therefore, a plausible scenario is presented to the attacker, which disrupts the construction and effectiveness of attack chains to multiplicate the cost of attack.

3.5.2 Security Mechanisms

The security of the sovereignty network can be analyzed from the above three aspects, among which the main security mechanism is listed as follows.

1. (1)

   The resources in the sovereignty network can only be actively obtained by the users within the sovereignty network. IP network users cannot actively force the data into the sovereignty network. Hence the attacker cannot scan and attack the system continuously as in the IP network, and cannot even send malicious information to the sovereignty network. This will be guaranteed by the following two mechanisms:

   • The sovereignty network adopts a “pull” mode, namely the receivers pull data actively.

   • If users want to pull data in the sovereignty network, they need to sign in with their real identity information. Therefore, harmful data flowing into the sovereignty network can be traced to a specific user avoiding the intentional introduction of harmful data from the IP network by users in the sovereignty network.

2. (2)

   For users in the sovereignty network, blockchain will record requested contents, published contents, and corresponding users. The information stored in the blockchain cannot be tampered with, so the abnormal content can be quickly and accurately located to individuals with high reliability.

3. (3)

   The identity centric network is used within the sovereignty network, and the transmission mode is completely different from the IP network. Therefore, the operating environment will be disabled in the sovereign network for some malicious viruses and traffic that bypass the filtering mechanism to enter the sovereignty network, as well as attack methods that make use of the IP network for destruction. For example, the network worm that can replicate in the IP network, cannot propagate in an identity centric network. Malicious manipulation of a host through a TCP port will also fail. Traditional IP attacks may lead to EMIR failure at most, but the security and reliability of users, resources and equipments within the sovereign network can be guaranteed and protected against attacks.

4. (4)

   The address space of the sovereignty network is huge leading to the large computational complexity of running the malicious address scanning program, which makes the scanning not feasible.

5. (5)

   Various filtering mechanisms are used on EMIR to prevent harmful data from entering the sovereignty network, such as AI content audit procedure.

6. (6)

   After the content is transmitted into the sovereignty network, firewall, packet detection, text recognition detection, audio recognition detection, image and video recognition detection, natural language processing, manual review and other mechanisms are used to filter the transmitted content layer by layer, to further ensure the security and reliability of the core network.

7. (7)

   The CMD architecture is used for constructing the storage and core equipments to further ensure system security and real-time operation in the core network.

8. (8)

   Other routine security mechanisms.

3.6 Protocol Architecture of Sovereignty Network

Since the sovereignty network adopts an identity centric network as its architecture of the core network, it is completely different from the traditional IP network. Protocols in the IP network may not be applicable in the sovereignty network. But the link layer and physical layer of the IP network are similar to the sovereignty network, so both of these two layers can be applied in the sovereignty network without any changes. Protocols in the application layer of the IP network need to be modified to adapt the sovereignty network.

To make the applications of the sovereignty network take full advantage of the characteristics of the multi-identifier network, the network architecture should be redesigned. As shown in Fig. 3.17, the network architecture consists of four layers: application layer, multi-identifier network layer, data link layer and physical layer. This architecture is compatible with traditional applications, but does not correspond exactly to the TCP/IP model. The protocols used in the sovereignty network are shown in Table 3.2.

Fig. 3.17

The protocol architecture of sovereignty network

Table 3.2 Protocols in sovereignty network

We describe the protocol architecture shown in Fig. 3.17.

The sovereignty network adopts an identity centric network as the core network and takes the identity identifier as the core authentication identifier. Compared with the current IP network protocol stack, the sovereignty network establishes the multi-identifier network layer which combines and simplifies the transport layer and the network layer in the IP network. The protocols in the application layer of the sovereignty network are roughly similar to those in the application layer of IP network, while authentication is added in the network layer, and identity is taken as the prior condition of routing. By adding the content identifier field, the translation of content and identity identifier has been realized. Identity information represents the personal information of the publisher, such as ID number, mobile phone number, MAC address of the publisher’s device and so on. Among them, the packet forwarding among multi-identifier network layer, application layer and data link layer is through the Face. Face is an abstraction of the network communication channel, which represents not only the interface connection information of physical devices, but also the port information between communication process protocols. The data link layer and physical layer are roughly similar to the current IP network, including CSMA, PPP, Copper, etc.

The identifiers in MIN (Multi-Identifier Network) support a variety of communication modes with different semantics such as push and pull semantics. To guarantee the transmission performance in different communication modes, we propose MIT (Multi-Identifier Network Transmission Control Protocol), which allows the MIR nodes to participate in transmission control to balance the network load.

MIT exploits the explicit congestion detection and notification scheme. The MIR nodes periodically detect its congestion status by using the AQM (Active Queue Management) algorithm. In order to notify the current network status to downstream nodes, the MIR node marks data packets through setting the congestion tag. Once receiving the explicit congestion message, the end host will adjust its packets sending rate correspondingly to make full use of network resources and avoid network congestion. For packets with pull semantics, the receiver adjusts its sending rate according to the congestion mark in received data packets. For packets with push semantics, the receiver marks the reply packet through the congestion mark in the received data packet, so the sender can fully perceive whether their packets cause network congestion through the reply packet.

MIN realized the multilateral co-governing and sovereignty autonomy in cyberspace for the first time. In 2019, MIN and its prototype system were awarded as the leading technological achievements of the sixth World Internet Conference at Wuzhen, China [15] (Figs. 3.18 and 3.19).

Fig. 3.18

The 6th World Internet Conference

Fig. 3.19

The 6th World Internet Conference-MIN