multi-layered optical network security hwajung lee department of information technology radford...
TRANSCRIPT
![Page 1: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/1.jpg)
Multi-layered Optical Network Security
Hwajung Lee
Department of Information Technology
Radford University
![Page 2: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/2.jpg)
Contents
BackgroundResearch Goal and Three Main Results
Survivable Optical Layer Design Survivable IP Layer Design Reconfiguration preserving Survivability
Concluding Remarks
![Page 3: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/3.jpg)
Regeneration/AdaptationO-E-O
SONETTerminal
IP Router
All Optical
Networks
All Optical
Networks
All Optical
Networks
All Optical Networks
![Page 4: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/4.jpg)
Extremely high data rate
AON Security Characteristics
• 1.6 Terabits per second is equivalent to 320 million
Pages/sec of informationIf eavesdropping attack lasts only 1 second, 320 million
page of classified information could be compromised.
• 1.6 Terabits per second is 25 million simultaneous
telephone conversation.If a link failure lasts only 1 second, 25 million
simultaneous telephone conversation could be disrupted.
Short and infrequent attacks or failures can result in loss of large amounts of data.
![Page 5: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/5.jpg)
Any Security Solutions?
ConfidentialityIntegrity
Cryptography (PKI, Digital Signature…)
Availability
We have a security hole to fill in.
:by guaranteeing the network survivability.
![Page 6: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/6.jpg)
Network Model: lP over WDM Network
More layers in an overlay modelsCons More Redundant
functions Large header data
Thus, getting simpler.
ATM
ATM
IP
IP
IP IP
WDM Optical Network
SONET/SDH
SONET/SDH
![Page 7: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/7.jpg)
Terminology
WDM : Wavelength Division MultiplexingLightpath : Transfer Path from Source to Sink
in Optical NetworkFault Propagation : Failure from a layer
propagates into other network layers.Logical Topology : IP layerPhysical Topology : WDM layerLogical topology (Upper Layer) is called
survivable if it remains connected under an impact of fault propagation in the presence of a single optical link (Lower Layer) failure.
![Page 8: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/8.jpg)
What is WDM?
Mux Demux
![Page 9: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/9.jpg)
R
R
R
R
R
End User End UserEnd User
End UserEnd UserEnd User
End User
C
A B
C
A B
EmbeddingFault Propagation
Cons of WDM Protection1. Requires to reserve extra resources.2. Can be failed.
Not Survivable
LogicalTopology
![Page 10: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/10.jpg)
R
R
R
R
R
End User End UserEnd User
End UserEnd UserEnd User
C
A B
C
A B
Example of a Survivable Logical Topology
SurvivableR
R
R
R
R
End U ser End U serEnd U ser
End U serEnd U serEnd U ser
End User
CA B
End User
LogicalTopology
![Page 11: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/11.jpg)
Sometimes, there is no way to have a Survivable
Logical Topology Embedding on a Physical Topology.
Survivable Logical Topology
e1
e2
…
…a
c
b
d …
…
…
…
d
b
c
a
Electronic Layer= Logical Topology
Optical Layer= Physical Topo.
2-Edge Connected
![Page 12: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/12.jpg)
Research Goal
Logical topology
Physicaltopology
Support Survivability in IP over WDM network against a single link failure in an WDM network.
1st Problem : Design of Survivable IP over WDM Ring Networks
Main Result 1
![Page 13: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/13.jpg)
LemmaFour Nodes
a b
c d
G rightG left e i
e j
a
c ...
... b
d...
...a
c ...
... b
d...
...
e i
e j
a b
c
a b
c d d
![Page 14: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/14.jpg)
Lemma (Cont.) Three Nodes
a b
c
e i
e j
G rightG left a
c ...
... b
...
...
e i
e j
a b
c
a b
c
![Page 15: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/15.jpg)
Lemma (Cont.)
Suppose G is 2-edge-connected and G0 is a ring. For any edge cut of size two {(a, b), (c, d)} in G, nodes f(a), f(c), f(b), f(d), in this order, may not be lay out in G0 in the clockwise or counterclockwise direction.
![Page 16: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/16.jpg)
Embedding Algorithm
a
gh
f
ecd
b
kl
j
ia
gh
f
ecd
b
kl
j
i
G le ft G right
G lle ft
G rle ft
a
cd
b
a
cd
b
G le ft G right
d
a b
a
cd
b
cd
a b
a
gh
f
ecd
b
kl
j
i
G le ft G right
G lle ft
G rle ft
e
fg
h
a
gh
f
ecd
b
kl
j
i
e c d
ab
fg h
j
kl
i
a
gh
f
ecd
b
kl
j
i
G le ft G right
G lle ft
G rle ft
cd
a b
e
fg
h
![Page 17: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/17.jpg)
Theorem
Given a 2-edge-connected IP topology G and a ring network G0 as the WDM optical network topology, there exists a mapping of G into G0 such that G is tolerant to the failure of any single link in G0.
![Page 18: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/18.jpg)
Main Result 2
Logical topology
Physicaltopology
2nd Problem : Design of Survivable Virtual Topology in IP over WDM
Does Survivable Embedding
Exist?
Add Additional links on
the Logical Topology
Yes No
Done
![Page 19: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/19.jpg)
Survivable LT design possible Completely connected (i.e., (n-1)-edge connected)
NO survivable LT design when logical topology G is 2-edge connected 3-edge connected 4-edged connected
Degree Constraints Survivable LT design possible when min. degree >= No survivable LT design for min. degree <= ( -1)
Experimental Results – Near Optimal
2n 3
n 2
Problem Complexity
![Page 20: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/20.jpg)
1
43
525
3 4
2
1
Complete Graph: Survivable
![Page 21: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/21.jpg)
k
a 2
b 1
f
e h
b 2
i
a 1
d 1
c 1
g
c 2
l
jd 2
C 1
C 2
C 3C 4
a 1
f
b 2
a 2
e
b 1
k
3-edge Connected Graph: not Survivable
![Page 22: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/22.jpg)
b1
b3
b2
b4
c1
c3
c2
c4
d1
d3
d2
d4
e1
e3
e2
e4
a1
a3
a2
a4
C1
C2
C3
C4
a1
a4
a2
a3
e2
e1
e4
e3
c4
c2
c3
c1
b4
b3b2
b1
d3
d1
d4
d2
4-edge Connected Graph: not Survivable
![Page 23: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/23.jpg)
n-10
n/4+1
n/3-1
n/4
n/2n/2-1 2n/3
n/2+j
L R
Number of Nodes = b Number of Nodes = b
j n-j-1...
... ...
.... . .
...
...
...
si +i (L); si - I + n -1(R)
t: highest index in L smallest_component4 cases: t -1; t ; t -2; t= -1
n 6
n 6
n 4
n 3
n 4
n 3
n 3
Shortest Path Routing: Survivable if (minimum d ) 2n
3
![Page 24: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/24.jpg)
: Vodd
: Veven
Kn/2-1 Graphn-1Kn/2-1 Graph 0
0 n-1
... .........
...
Shortest Path Routing: not Survivable if (minimum d -1 )
n 2
![Page 25: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/25.jpg)
Heuristic Algorithmbased on Shortest Path Routing
Embed logical links to lightpaths.
Cut each optical linkand Calculate
the # of Components.
Find an optical link (x,y)with the maximum # of
components.
optical link (x,y)# of components
sets of components={C1, C2, …}
Max # = 1 Done
Add an additional lightpathconnecting a node
from Ci to a node from Cj
without using (x,y).No
No
Yes
![Page 26: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/26.jpg)
Numerical Results# of Simulations = 1000
n = 100
0
5
10
15
20
25
0.02
80.
040.
060.
08 0.1
0.2
link probability p
aver
age
# o
f ad
dit
ion
al l
igh
tpat
hs
2 edge-connected
arbitrary
22.953
7.037
1.8611.938
0.0080.0023.357
![Page 27: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/27.jpg)
Numerical Results# of Simulations = 1000
n = 200
0123456789
10
0.02
80.
040.
060.
08 0.1
0.2
link probability p
aver
age
# o
f ad
dtio
nal
lig
htp
ath
s
2 edge-connected
arbitrary
8.889
0.4940.549 0.023
0.027
4.632
![Page 28: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/28.jpg)
Numerical Results# of Simulations = 1000
n = 300
-1
1
3
5
7
9
11
0.02
80.
050.
070.
090.
110.
130.
15
link probability p
aver
age
# o
f ad
dti
on
al l
igh
tpat
hs
2 edge-connected
arbitrary
10.293
0.533
5.585
0.814
0.0270.027
![Page 29: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/29.jpg)
Main Result 3
Physicaltopology
3rd Problem : Reconfiguration of Virtual Topologies Preserving Survivability
Survivable Embedding has been done.
Logical topology
NewLogical
topology
New Survivable Embedding
![Page 30: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/30.jpg)
Reconfiguration of Survivable Logical Topologies
0 1
23
0 1
23
0 1
23
Survivable Logical Topology = G1 Survivable Logical Topology = G2
Physical Topology = Gp# of Ports = 3
Add G2\G1 to form G1 G2
Delete G1\G2
# of Wavelength = 3
What if # of Wavelength < 3 or # of Ports < 3
![Page 31: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/31.jpg)
Problem Complexity
Sometimes, we need to… Modify the current embedding of some
lightpaths in G1 G2 . Temporarily delete and reestablish some
lightpaths in G1 G2 due to the wavelenth constraint.
Temporarily add some lightpaths not in G1 G2 and delete to guarantee the survivability during the reconfiguration.
![Page 32: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/32.jpg)
Simple Reconfiguration Approach
add a lightpath btw each pair of adjacent nodes,
delete all lightpaths in G1 except the above, and
establish all lightpaths in G2 based on its survivable embedding.
If the current lightpath setup uses W-1 wavelength
in each optical link and upto p-2 ports at each node,
1
2
3 4
5
6
W = 4, p = 6
![Page 33: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/33.jpg)
Limitation of Simple Reconfiguration Approach
1
42
n
3
...n -k + 2
n -kn -k + 1
......
W = n- k + 1
![Page 34: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/34.jpg)
MinCostReconfiguration Cost = # of add * UnitCostadd + # of delete * UnitCostdelete
Given Input : M1, M2, Gp
Output : Wadd,
Wadd = Wreconfig – max{WM1, WM2
}
Constraintsthe number of port p, the number of wavelength W
Objectives(1) To minimize Wreconfig while reconfiguration cost is
preserved minimum.(2) During the entire period of reconfiguration,
(1) The logical topology remains survivable (2) The port p and wavelength W constraints are satisfied.
![Page 35: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/35.jpg)
MinCostReconfiguration Survivable Embedding, M2,
Of G2 to GP
Compare M2 with the currentsurvivable embedding M1
and Generate ADD set andDELETE set
Add lightpaths in ADDas long as
not violate W constraint
Delete lightpaths in DELETEas long as not violatesurvivability constraint
Wreconfig=max{WM1,WM2
}
ADD = ø andDELETE = ø
Any Additionand Deletion
Wreconfig = Wreconfig + 1
Done
Yes
Yes
No
No
![Page 36: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/36.jpg)
Numerical Results # of Simulations per each case = 500
n = 8
Max Min Avg Max Min Avg Max Min Avg10% 1 0 0.008 8 4 5.784 8 3 5.464 1.091 1.40020% 2 0 0.068 8 3 5.770 7 3 5.388 2.375 2.80030% 2 0 0.100 8 3 5.692 8 3 5.380 3.762 4.20040% 2 0 0.122 8 4 5.806 8 3 5.282 5.420 5.60050% 2 0 0.076 8 4 5.800 8 3 5.368 6.710 7.00060% 2 0 0.062 8 3 5.796 8 3 5.180 8.212 8.40070% 2 0 0.092 8 3 5.772 7 3 5.086 9.433 9.80080% 2 0 0.064 8 3 5.772 8 3 4.850 10.869 11.20090% 1 0 0.066 8 4 5.750 7 3 4.736 12.099 12.600
Average 8 3.4 5.771 7.7 3 5.193
# of Diff Conn Req. (from Simulation)
Expected # of Diff Conn Req.(Calculated)
<WADD> <WM1> <WM2>
DiffFactor = (# of different conn. Req.) (total # of possible conn. Req.)
Wadd = Wreconfig – max{WM1, WM2
}
![Page 37: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/37.jpg)
Numerical Results# of Simulations per each case = 500
n = 16
Max Min Avg Max Min Avg Max Min Avg10% 3 0 0.034 21 10 14.588 19 8 13.360 5.971 6.00020% 1 0 0.008 20 11 14.668 20 7 13.026 12.155 12.00030% 2 0 0.012 21 9 14.698 20 7 14.330 17.790 18.00040% 4 0 0.064 22 10 14.726 19 9 14.586 24.118 24.00050% 5 0 0.076 20 10 14.528 19 9 14.536 29.923 30.00060% 3 0 0.046 21 10 14.610 20 9 14.426 35.977 36.00070% 2 0 0.020 21 10 14.624 19 6 14.182 42.221 42.00080% 1 0 0.008 22 10 14.594 19 7 13.158 47.889 48.00090% 1 0 0.008 21 10 14.506 20 9 13.332 54.062 54.000
Average 21 10.0 14.616 19.4 7.9 13.882
# of Diff Conn Req. (from Simulation)
Expected # of Diff Conn Req.(Calculated)
<WADD> <WM1> <WM2>
![Page 38: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/38.jpg)
Max Min Avg Max Min Avg Max Min Avg10% 3 0 0.104 52 34 42.742 52 34 42.802 24.904 24.80020% 3 0 0.114 52 33 42.988 54 32 42.716 49.400 49.60030% 4 0 0.140 54 35 43.100 52 35 42.916 74.557 74.40040% 2 0 0.074 52 34 43.020 52 34 42.802 98.931 99.20050% 3 0 0.094 53 34 42.896 56 34 42.896 124.731 124.00060% 4 0 0.086 52 34 42.714 52 36 42.634 148.447 148.80070% 3 0 0.084 52 35 42.710 56 34 42.468 173.743 173.60080% 3 0 0.046 53 34 42.834 53 34 42.614 198.260 198.40090% 7 0 0.056 54 34 42.824 53 33 42.822 223.142 223.200
Average 53 34.1 42.870 53.3 34 42.741
# of Diff Conn Req. (from Simulation)
Expected # of Diff Conn Req.(Calculated)
<WADD> <WM1> <WM2>
Numerical Results# of Simulations per each case = 500
n = 32
![Page 39: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/39.jpg)
Numerical ResultsDiffFactor = 2(|E(G1)-E(G2)|+|E(G2)-E(G1)|)/n(n-1)
500 Simulations for Each Case
0.008
0.068
0.100
0.122
0.076
0.062
0.092
0.064 0.066
0.034
0.0080.012
0.064
0.076
0.046
0.020
0.008 0.008
0.104
0.114
0.140
0.074
0.094
0.086 0.084
0.046
0.056
0.000
0.020
0.040
0.060
0.080
0.100
0.120
0.140
0.160
10% 20% 30% 40% 50% 60% 70% 80% 90%
Difference Factor
# o
f A
dd
itio
na
l Wa
ve
len
gth
s
Avg (n=8)
Avg (n=16)
Avg (n=32)
![Page 40: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/40.jpg)
Concluding Remarks
Sometimes, there is no way to have a Survivable
Logical Topology Embedding
on a Physical Topology.However, the results say that we can always find
a way to have a survivable embedding by carefully designing a WDM topology or an IP topology.
Moreover, by using a small number of additional lightpath, we can always preserve survivability while the reconfiguration is being proceeded.
![Page 41: Multi-layered Optical Network Security Hwajung Lee Department of Information Technology Radford University](https://reader035.vdocuments.us/reader035/viewer/2022062221/56649f055503460f94c1a964/html5/thumbnails/41.jpg)
Thank you