Table 3 Comparison of 3 types of security solutions.
From: A data plane security model of SR-BE/TE based on zero-trust architecture
| Â | SR native security solution | Main routing security scheme | ZbSR security solution |
|---|---|---|---|
Means | Source routing, trust domain, packet authentication, load balancing, fault detection, fault recovery, service hiding | Identity verification, node verification, trusted hardware, centralized control, collaborative filtering, new technologies | Introduce security component based on ZTA concept |
Advantages | Helps to improve security autonomously without additional security mechanisms | Provide adaptive security solutions for a variety of specified network scenarios | Design for segmented routing; Provide comprehensive protection; It can be used in new zero-trust application scenarios |
Disadvantages | The source routing feature of the segmented route has security vulnerabilities, which makes it difficult to face some new zero-trust security threat scenarios | Features such as source route and segment label of a segmented routing network are not combined. Lack of comprehensive means of protection | The existing SDP architecture needs to be improved for segmented routing. You can control only the terminal devices that access the domain, but cannot directly control the intra-zone routing devices |
