Security-Aware Planning of Packet-Over-Optical Networks in Consideration of OTN Encryption

The fast development of cloud computing and Big Data applications has promoted virtualization technologies such as network function virtualization (NFV), which in turn dramatically increased the amount of sensitive data being transmitted over the optical networks for datacenter interconnections (DCIs). To ensure the physical-layer security in DCIs, people have developed optical transport network (OTN) encryption technologies, i.e., leveraging high-speed encryption cards (ECs) to encrypt OTN payload frames. Although experimental studies have confirmed the benefits of ECs in terms of line-speed processing, low latency, and small encryption overhead, the problem of how to utilize them to build a secure packet-over-optical network with high cost-effectiveness has not been explored yet. In this paper, we study how to realize cost-effective and security-aware multilayer planning in a packet-over-optical network that covers both trusted and untrusted zones, in consideration of OTN encryption. We first formulate an integer linear programming (ILP) model to minimize the total capital expenditure (CAPEX) of the multilayer planning, which includes the costs of OTN linecards (LCs), ECs, and bandwidth resources, and solve the optimization exactly. Then, we prove the $\mathcal {NP}$ -hardness of the multilayer planning, and to reduce the time complexity, we propose a column generation (CG) model and design a more time-efficient approximation algorithm based on it. Our simulation results confirm the performance and advantages of our CG-based proposal, i.e., it is much more time-efficient than solving the ILP directly, and outperform the existing heuristic in terms of total CAPEX and costs of used LCs and ECs.

[1]  Paul R. Prucnal,et al.  Optical Layer Security in Fiber-Optic Networks , 2011, IEEE Transactions on Information Forensics and Security.

[2]  Zuqing Zhu,et al.  Cost-Efficient Virtual Network Function Graph (vNFG) Provisioning in Multidomain Elastic Optical Networks , 2017, Journal of Lightwave Technology.

[3]  Zsigmond Szilárd,et al.  Physical-layer security in evolving optical networks , 2016, IEEE Communications Magazine.

[4]  Marc Ruiz,et al.  Solving Routing and Spectrum Allocation Related Optimization Problems: From Off-Line to In-Operation Flexgrid Network Planning , 2014 .

[5]  Qing Ling,et al.  Evacuate Before Too Late: Distributed Backup in Inter-DC Networks with Progressive Disasters , 2018, IEEE Transactions on Parallel and Distributed Systems.

[6]  Richard DiPasquale,et al.  Business continuity and security in datacenter interconnection , 2012, Bell Labs Technical Journal.

[7]  Jingjing Yao,et al.  Highly efficient data migration and backup for big data applications in elastic optical inter-data-center networks , 2015, IEEE Network.

[8]  Biao Lu,et al.  System innovations in open WDM DCI networks , 2020, Photonic Network Communications.

[9]  Zuqing Zhu,et al.  Novel Location-Constrained Virtual Network Embedding (LC-VNE) Algorithms Towards Integrated Node and Link Mapping , 2016, IEEE/ACM Transactions on Networking.

[10]  Zuqing Zhu,et al.  Advanced optical-label routing system supporting multicast, optical TTL, and multimedia applications , 2005, Journal of Lightwave Technology.

[11]  M Furdek,et al.  Attack-Aware Wavelength Assignment for Localization of In-band Crosstalk Attack Propagation , 2010, IEEE/OSA Journal of Optical Communications and Networking.

[12]  Jing Zhu,et al.  Physical-Layer Security in MCF-Based SDM-EONs: Would Crosstalk-Aware Service Provisioning be Good Enough? , 2017, Journal of Lightwave Technology.

[13]  Wei Lu,et al.  Joint Spectrum and IT Resource Allocation for Efficient VNF Service Chaining in Inter-Datacenter Elastic Optical Networks , 2016, IEEE Communications Letters.

[14]  Junjie Liu,et al.  On Dynamic Service Function Chain Deployment and Readjustment , 2017, IEEE Transactions on Network and Service Management.

[15]  Jing Zhu,et al.  On Security-aware Multilayer Planning for IP-over-Optical Networks with OTN Encryption , 2020, ICC 2020 - 2020 IEEE International Conference on Communications (ICC).

[16]  Baojia Li,et al.  AI-Assisted Knowledge-Defined Network Orchestration for Energy-Efficient Data Center Networks , 2020, IEEE Communications Magazine.

[17]  Zuqing Zhu,et al.  Virtual Optical Network Embedding (VONE) Over Elastic Optical Networks , 2014, Journal of Lightwave Technology.

[18]  Zuqing Zhu,et al.  On the cross-layer orchestration to address IP router outages with cost-efficient multilayer restoration in IP-over-EONs , 2018, IEEE/OSA Journal of Optical Communications and Networking.

[19]  Zuqing Zhu,et al.  RF photonics signal processing in subcarrier multiplexed optical-label switching communication systems , 2003 .

[20]  L. Velasco,et al.  Survivable IP/MPLS-Over-WSON Multilayer Network Optimization , 2011, IEEE/OSA Journal of Optical Communications and Networking.

[21]  Changsheng You,et al.  Dynamic and Adaptive Bandwidth Defragmentation in Spectrum-Sliced Elastic Optical Networks With Time-Varying Traffic , 2014, Journal of Lightwave Technology.

[22]  Marc Ruiz,et al.  Column generation algorithm for RSA problems in flexgrid optical networks , 2013, Photonic Network Communications.

[23]  Francesca Parmigiani,et al.  Beyond the mega-data center: networking multi-data center regions , 2020, SIGCOMM.

[24]  Jing Zhu,et al.  Attack-Aware Service Provisioning to Enhance Physical-Layer Security in Multi-Domain EONs , 2016, Journal of Lightwave Technology.

[25]  Shengli Yuan,et al.  Protection of Optical Networks against Interchannel Eavesdropping and Jamming Attacks , 2014, 2014 International Conference on Computational Science and Computational Intelligence.

[26]  Baojia Li,et al.  Deep-NFVOrch: leveraging deep reinforcement learning to achieve adaptive vNF service chaining in DCI-EONs , 2019, IEEE/OSA Journal of Optical Communications and Networking.

[27]  Yawei Yin,et al.  Low-margin optical networking at cloud scale [Invited] , 2019, IEEE/OSA Journal of Optical Communications and Networking.

[28]  J. Desrosiers,et al.  A Primer in Column Generation , 2005 .

[29]  Fen Zhou,et al.  Joint Optimization for Multicast Provisioning in Mixed-Line-Rate Optical Networks With a Column Generation Approach , 2018, Journal of Lightwave Technology.

[30]  Wenjian Fang,et al.  Orchestrating Tree-Type VNF Forwarding Graphs in Inter-DC Elastic Optical Networks , 2016, Journal of Lightwave Technology.

[31]  David S. Johnson,et al.  Computers and Intractability: A Guide to the Theory of NP-Completeness , 1978 .

[32]  Zuqing Zhu,et al.  Demonstration of variable-length packet contention resolution and packet forwarding in an optical-label switching router , 2004, IEEE Photonics Technology Letters.

[33]  Jing Zhu,et al.  Leveraging Game Theory to Achieve Efficient Attack-Aware Service Provisioning in EONs , 2017, Journal of Lightwave Technology.

[34]  Vijay Vusirikala,et al.  Open optical communication systems at a hyperscale operator [Invited] , 2020, IEEE/OSA Journal of Optical Communications and Networking.

[35]  Zuqing Zhu,et al.  Data-Oriented Task Scheduling in Fixed- and Flexible-Grid Multilayer Inter-DC Optical Networks: A Comparison Study , 2017, Journal of Lightwave Technology.

[36]  S. J. B. Yoo,et al.  Demonstration of Cooperative Resource Allocation in an OpenFlow-Controlled Multidomain and Multinational SD-EON Testbed , 2015, Journal of Lightwave Technology.

[37]  Zhong Pan,et al.  Jitter and Amplitude Noise Accumulations in Cascaded All-Optical Regenerators , 2008, Journal of Lightwave Technology.

[38]  Ming Xia,et al.  Open and disaggregated optical transport networks for data center interconnects [Invited] , 2020, IEEE/OSA Journal of Optical Communications and Networking.

[39]  Zuqing Zhu,et al.  On Multi-Layer Restoration in Optical Networks with Encryption Solution Deployment , 2018, 2018 Optical Fiber Communications Conference and Exposition (OFC).

[40]  Zuqing Zhu,et al.  On Cost-Efficient Integrated Multilayer Protection Planning in IP-Over-EONs , 2018, Journal of Lightwave Technology.

[41]  Zuqing Zhu,et al.  Design QoS-Aware Multi-Path Provisioning Strategies for Efficient Cloud-Assisted SVC Video Streaming to Heterogeneous Clients , 2013, IEEE Transactions on Multimedia.