Presentation is loading. Please wait.

Presentation is loading. Please wait.

Multi-layered Optical Network Security

Published byLynette Kelley Modified over 8 years ago

Similar presentations

Presentation on theme: "Multi-layered Optical Network Security"— Presentation transcript:

1 Multi-layered Optical Network Security
Hwajung Lee Department of Information Technology Radford University Good afternoon, everyone. I am pleased to share this presentation with you. My name is Hwajung Lee from the George Washington University. Today, I’ll present my research on “Design of Survivable IP over WDM Optical Network”.

2 Contents Background Research Goal and Three Main Results
Survivable Optical Layer Design Survivable IP Layer Design Reconfiguration preserving Survivability Concluding Remarks First of all, I will explain the background. Then, Research goal and three main results for three problems will be presented. Concluding remarks will follow. I place the Related works after that. And my publications and career plans will be shown.

3 All Optical Networks All Optical Networks Regeneration /Adaptation
O-E-O SONET Terminal IP Router Are you a beneficiary of optical network ? Today, majority of major network backbone is using optical fiber. Thus, yes you are a beneficiary. However, it can not be called “All optical network” // since, most of the case, optical fiber is used purely as a transmission medium,/ serving as a replacement for copper cable,/ and all the switching and processing bits is handled by electronics.// So, / while the optical signal is delivered from a source to a destination,/ the optical signal goes through optical-electronic-optical conversion./ To be called “All optical network,” the OEO conversion should be eliminated, /since it is a bottleneck,/ and all the switching, routing, and processing bits should be done in optical domain.// Of course, the data services at the source and at the destination can be done electronically. Lots of research has been done but not deployed yet due to the huge installation cost and the research still going on and heads to achieve Terabits speed. In this environment, what can be a major problem in a sense of network security? ============ Even though they have optical cross connector, which is an optical switch, it can not change the configuration dynamically. It’s static. Thus, we do not consider that is all optical network. It’s 1st generation optical network. it is the form that optical fiber just connects between electronic routers or switches. In the currently installed optical network, there are lots of optical-electronic-optical signal conversion while the signal transfer from a source to a destination, which causes lot of transmission delay in optical network. By eliminating the OEO conversion, all optical network expects to achieve up to Terabits speed. All Optical Networks All Optical Networks

4 AON Security Characteristics
Extremely high data rate Short and infrequent attacks or failures can result in loss of large amounts of data. 1.6 Terabits per second is equivalent to 320 million Pages/sec of information If eavesdropping attack lasts only 1 second, 320 million page of classified information could be compromised. 1.6 Terabits per second is 25 million simultaneous telephone conversation. If a link failure lasts only 1 second, 25 million simultaneous telephone conversation could be disrupted. Due to the extremely high speed, short and infrequent attacks or failures can result in loss of large amounts of data. For example, ~ So, is there any security solution?

5 Any Security Solutions?
Confidentiality Integrity  Cryptography (PKI, Digital Signature…) Availability  We have a security hole to fill in. :by guaranteeing the network survivability. To achieve confidentiality, Integrity such as authentication, authorization, we can integrate the existing security solutions for electronic domain such as cryptography including PKI, Digital Signature, and so on. But, for availability, especially network availability, we have a security hole to fill in by guaranteeing the network survivability. Now, let’s see what is the hole and what can be the solution.

6 Network Model: lP over WDM Network
More layers in an overlay models Cons More Redundant functions Large header data Thus, getting simpler. ATM IP WDM Optical Network SONET/ SDH Before we get into the detail, I would like to explain what is the network model. Since most of the data services are based on Internet Protocol (IP), we employ layered protocol stack on top of the optical backbone network. In order to support various protocol, multiple overlay model has been used and investigated. Since too many layer can have duplicated functions between different layers and relatively large header data, the overlay layer is getting simpler and IP over WDM is widely accepted as a dominant network structure. And in order to provide high network availability, Network survivability is crucial, which means we need to guarantee to provide service even under the presence of network component failure. Frequent fiber cut also supports the importance of survivability. Fiber cut is about 100 times in North America. Lots of case happen while undersea construction, building construction or something link that. It is also possibly caused by Terrorist attack. Previously, SONET’s self healing ring plays an important role in survivability, which is not in IP over WDM environment. Thus, we need an alternative and hopefully better method to support network survivability. Possibly absorbed into IP as well as WDM network. ================ why I choose IP over WDM optical network environment.

7 Terminology WDM : Wavelength Division Multiplexing
Lightpath : Transfer Path from Source to Sink in Optical Network Fault Propagation : Failure from a layer propagates into other network layers. Logical Topology : IP layer Physical Topology : WDM layer Logical topology (Upper Layer) is called survivable if it remains connected under an impact of fault propagation in the presence of a single optical link (Lower Layer) failure. Let me briefly say terminology. First of all, WDM stands for Wavelength Division Multiplexing. Secondly, Lightpath is … Let’s see what then mean.

8 What is WDM? Mux Demux

9 Fault Propagation Embedding C A B Not Survivable C A B Logical
First of all, What is embedding? IP link should be embedded onto the lightpath in optical (lower) layer before deliver the traffic. Sometimes, an impact of fault propagation disconnects IP layer. We call that this logical topology is not survivable. Although WDM has its own protection scheme, it requires to reserve extra resources for the backup paths and it is possible to be failed. Thus, an impact of fault propagation is still a problem. C Logical Topology Cons of WDM Protection Requires to reserve extra resources. Can be failed. A B

10 Example of a Survivable Logical Topology
Differentiated from the previous case, this embedding is survivable since any single optical link failure does not disconnect the logical IP topology. C Logical Topology C A B A B Survivable

11 Survivable Logical Topology
Sometimes, there is no way to have a Survivable Logical Topology Embedding on a Physical Topology. Optical Layer = Physical Topo. Electronic Layer = Logical Topology e1 d b c a b a In this slide, I would like to show that, sometimes, there is no way to have a Survivable Logical Topology Embedding on a Physical Topology. If we have a logical topology which is 2-edge connected, the logical topology can not be survivable if (a,b) and (c,d) are located as shown. What I mean by 2-edge connected is that, if we delete two edges e1 and e2, the topology will be divided into two components. There are four possible embedding for those two logical links which are four combination of clockwise and counterclockwise for each link. If each matching optical component a, b, c, d are placed link this, all four cases are not survivable embedding. Let’s call it no-way case from now on. e2 c d 2-Edge Connected

12 Main Result 1 Research Goal
1st Problem : Design of Survivable IP over WDM Ring Networks Main Result 1 Research Goal Support Survivability in IP over WDM network against a single link failure in an WDM network. Logical topology The research objectives is to support survivability… Since the constructing a logical topology from a traffic pattern is out of scope of this research, let’s assume that, under the normal condition, logical topology consists of direct links for the traffic is greater than some criteria. And let’s focus on logical topology and physical topology from now on. The 1st problem is physical ring topology design problem to always have survivable embedding for a certain logical IP topology. In other words, avoid the no-way case. The reason why we focus on ring is that, if necessary, it is possible to use some advantage of SONET. Physical topology

13 Lemma Four Nodes a b c d We develop an algorithm to find a physical ring topology which can have a survivable embedding based on two facts.

14 Lemma (Cont.) Three Nodes

15 Lemma (Cont.) Suppose G is 2-edge-connected and G0 is a ring. For any edge cut of size two {(a, b), (c, d)} in G, nodes f(a), f(c), f(b), f(d), in this order, may not be lay out in G0 in the clockwise or counterclockwise direction. The previous animation can be written like this.

16 Embedding Algorithm

17 Theorem Given a 2-edge-connected IP topology G and a ring network G0 as the WDM optical network topology, there exists a mapping of G into G0 such that G is tolerant to the failure of any single link in G0. (Read TP)

18 Main Result 2 Does Survivable Embedding Exist? Yes No Done
2nd Problem : Design of Survivable Virtual Topology in IP over WDM Does Survivable Embedding Exist? Yes No Logical topology Second problem is, for a given logical topology and a given physical topology, designing logical topology. If we can have a survivable embedding then do it. Otherwise, add minimum additional links on logical topology until we can have an survivable embedding. Done Add Additional links on the Logical Topology Physical topology

19 Problem Complexity Survivable LT design possible
Completely connected (i.e., (n-1)-edge connected) NO survivable LT design when logical topology G is 2-edge connected 3-edge connected 4-edged connected Degree Constraints Survivable LT design possible when min. degree >= No survivable LT design for min. degree <= ( ) Experimental Results – Near Optimal 2n 3 Here is the summary of the results of the Survivable Logical Topology Design Problem. We have a near optimal solution, which is presented in Allerton Conference. =========== Let’s look into the edge-connectivity first. In case of 2, 3, 4, and up to (n/2)-1 edge connected logical topology, we can NOT guarantee to have a survivable logical topology whereas the completely connected logical topology always have a SURVIVABLE logical topology. Each case will be shown briefly from the next slide. Currently, we are working on tightening this gap between those two groups to find the value k of k-connectivity which always guarantees to have a SURVIVABLE logical topology. Now, let’s consider with the degree constraints. We find out that we can guarantee to have a SURVIVABLE logical topology if the minimum degree of the logical topology is greater than equal to (2n)/3. And we can NOT guarantee the SURVIVABILITY of the logical topology if the minimum degree of the logical topology is less than equal to (n/2)-1. n 2

20 Complete Graph : Survivable 1 4 3 5 2
Because, for the complete graph, we always can find a Hamiltonian Cycle.

21 3-edge Connected Graph : not Survivable

22 4-edge Connected Graph : not Survivable a b e b e b e b e a a c d c d
1 2 a e 1 b 2 1 b b b e 3 3 4 4 b e 2 c c 1 1 2 b 4 a a e C 1 2 3 1 a c c 3 C 3 4 a 2 4 C 3 d d c 1 2 C d 1 4 a a 3 3 4 c d d d 2 4 3 4 d c 1 3 d e e c 2 a 1 2 4 2 e e 3 4

23 : Survivable if (minimum d    )
Shortest Path Routing : Survivable if (minimum d    ) 2n 3 Number of Nodes = b Number of Nodes = b ... n/2-1 n/2 ... ... n/3-1 2n/3 ... ... j n-j-1 n/4+1 L n/4 R ... . . . ... n/2+j n-1

24 : Survivable if (minimum d    )
Shortest Path Routing : Survivable if (minimum d    ) 2n 3 si  i (L); si  I + n -1(R) t: highest index in L  smallest_component 4 cases: t  ; t  ;  t  ; t= -1 n 6 4 3 Number of Nodes = b Number of Nodes = b ... n/2-1 n/2 ... ... n/3-1 2n/3 ... ... j n-j-1 n/4+1 L n/4 R ... . . . ... n/2+j n-1

25 : not Survivable if (minimum d  -1 )
Shortest Path Routing : not Survivable if (minimum d  ) n 2 ... ... ... : Vodd ... ... : Veven n-1 K Graph n-1 K Graph n/2-1 n/2-1

26 Heuristic Algorithm based on Shortest Path Routing
optical link (x,y) # of components sets of components ={C1, C2, …} Embed logical links to lightpaths. Cut each optical link and Calculate the # of Components. Max # = 1 Yes Done Now, let’s talk about a solution to design a Survivable Logical Topology. Given a logical topology and a physical ring topology, the first step is assigning each logical link to an optical lightpath based on a shortest path algorithm. For example, (0,1) to (0,1), (0,4) to (0,4) and so on. Then, the second step is generating a fault of each optical link one by one and calculating the number of components. For example, after the optical link (0,1) fails, the logical links (0,1),(0,2), and (1,5) fail so that the number of components of the logical topology is 2. And keeping doing it for the remaining optical links. The third step is finding an optical link which generates the maximum number of components and adding a lightpath between two nodes connected to the optical link. For example, if the optical link with the maximum number of components is (0,1), add a lightpath (0,1) without using the optical link (0,1) as shown. If the logical topology already have the optical link (0,1), choose an arbitrary node x and add (0,x) and (x,1). Else if the logical topology does not have (0,1), add one lightpath (0,1). Repeat this process until the logical topology being Survivable. No Find an optical link (x,y) with the maximum # of components. Add an additional lightpath connecting a node from Ci to a node from Cj without using (x,y). No

27 Numerical Results # of Simulations = 1000
Here are some numerical results. For each dot, we execute 1000 Simulations. This chart shows the case that the number of nodes is 100. The blue line indicates the cases that we take the 2-edge connected logical topology. The pink line indicates the input logical topology with no restriction. Under the link probability 0.1, we can design a Survivable logical topology by adding average 2 additional lightpaths. The steep slopes for both legends are shown by having smaller link probability p. The reason why is that the logical topology is approaching to be a ring shape and the sequence of the nodes on it might be different from that of the optical ring. In this case, we need to add some lightpaths as shown before in the 2-edge connected graph explanation. The arbitrary topology shows more steep slope than 2-edge connected one because we can already have more than one components even in the input logical topology by having a sparse density of a graph.

28 Numerical Results # of Simulations = 1000
Under the link probability 0.08 and with 200 nodes, we can design a Survivable logical topology by adding average 0.55 additional lightpaths.

29 Numerical Results # of Simulations = 1000
Under the link probability 0.06 and with 300 nodes, we can design a Survivable logical topology by adding average 0.55 additional lightpaths.

30 Main Result 3 3rd Problem : Reconfiguration of Virtual Topologies
Preserving Survivability New Survivable Embedding Survivable Embedding has been done. New Logical topology Logical topology Given a survivable embedding and a new logical topology, we need to reconfigure from existing embedding to new survivable embedding with Preserving Survivability while the reconfiguration is being done. Physical topology

31 Reconfiguration of Survivable Logical Topologies
What if # of Wavelength < 3 or # of Ports < 3 Survivable Logical Topology = G1 Survivable Logical Topology = G2 1 1 3 2 3 2 Physical Topology = Gp # of Ports = 3 # of Wavelength = 3 Now, let’s think about the reconfiguration. Suppose we have a logical topology, a physical topology, and a survivable mapping from the two topologies. While time passed, the connection requests can be modified so that the logical topology can be changed. Therefore, we need to reconfigure the current mapping to support the new logical topology with holding the survivability of the logical topology throughout all the reconfiguration steps. If we don’t have any restriction, we can easily add all the new connection requests and then delete all the old ones. Let me briefly introduce two terms. First one is # of port of a node which is the number of points that lightpaths can arrive at and depart from. Second one is # of wavelength of a link which is the number of lightpaths that pass on the link. If we have some restrictions on the # of port and # of wavelength, the reconfiguration is more complicated. ======= As long as the logical topology is connected, there is a way to transfer data from any node to any other node. Add G2\G1 to form G1  G2 1 3 2 Delete G1\G2

32 Problem Complexity Sometimes, we need to…
Modify the current embedding of some lightpaths in G1  G2 . Temporarily delete and reestablish some lightpaths in G1  G2 due to the wavelenth constraint. Temporarily add some lightpaths not in G1  G2 and delete to guarantee the survivability during the reconfiguration.

33 Simple Reconfiguration Approach
If the current lightpath setup uses W-1 wavelength in each optical link and upto p-2 ports at each node, add a lightpath btw each pair of adjacent nodes, delete all lightpaths in G1 except the above, and establish all lightpaths in G2 based on its survivable embedding. 1 6 2 5 By using one more wavelength, we can a good benefit which is reconfiguration. By going one step further, this algorithm can be expend to the mapping which uses W wavelengths if we can have an algorithm to modify the mapping with using only W-1 wavelength. We found out a certain condition to guarantee that except the following cases. 3 4 W = 4, p = 6

34 Limitation of Simple Reconfiguration Approach
W = n- k + 1 The intermediate nodes between n and n-k connect to the nodes n and n-k only. Thus, no lightpath can be removed without violating the survivability. In the green box, each node is connected to its adjacent node only. You can have as many nodes as you want in the green box. So, we are finalizing the conditions to cover this case too.

35 MinCostReconfiguration Cost = # of add. UnitCostadd + # of delete
MinCostReconfiguration Cost = # of add * UnitCostadd + # of delete * UnitCostdelete Given Input : M1, M2, Gp Output : Wadd, Wadd = Wreconfig – max{WM1, WM2} Constraints the number of port p, the number of wavelength W Objectives To minimize Wreconfig while reconfiguration cost is preserved minimum. During the entire period of reconfiguration, The logical topology remains survivable The port p and wavelength W constraints are satisfied. This is the problem formulation of the reconfiguration issue. What we want to do is, during the entire period of reconfiguration, to guarantee that the logical topology remains survivable and the port and wavelength constraints are satisfied.

36 MinCostReconfiguration
Survivable Embedding, M2, Of G2 to GP Wreconfig=max{WM1,WM2} Compare M2 with the current survivable embedding M1 and Generate ADD set and DELETE set ADD = ø and DELETE = ø Yes Done No Add lightpaths in ADD as long as not violate W constraint Any Addition and Deletion Yes Delete lightpaths in DELETE as long as not violate survivability constraint No Wreconfig = Wreconfig + 1

37 Numerical Results # of Simulations per each case = 500 n = 8
Wadd = Wreconfig – max{WM1, WM2} DiffFactor = (# of different conn. Req.) (total # of possible conn. Req.)

38 Numerical Results # of Simulations per each case = 500 n = 16

39 Numerical Results # of Simulations per each case = 500 n = 32

40 Numerical Results DiffFactor = 2(|E(G1)-E(G2)|+|E(G2)-E(G1)|)/n(n-1)

41 Concluding Remarks Sometimes, there is no way to have a Survivable
Logical Topology Embedding on a Physical Topology. However, the results say that we can always find a way to have a survivable embedding by carefully designing a WDM topology or an IP topology. Moreover, by using a small number of additional lightpath, we can always preserve survivability while the reconfiguration is being proceeded.

42 Thank you

Download ppt "Multi-layered Optical Network Security"

Similar presentations

Routing Complexity of Faulty Networks Omer Angel Itai Benjamini Eran Ofek Udi Wieder The Weizmann Institute of Science.

Routing Complexity of Faulty Networks Omer Angel Itai Benjamini Eran Ofek Udi Wieder The Weizmann Institute of Science.
Optimization Problems in Optical Networks. Wavelength Division Multiplexing (WDM) Directed: Symmetric: Undirected: Optic Fiber.

Optimization Problems in Optical Networks. Wavelength Division Multiplexing (WDM) Directed: Symmetric: Undirected: Optic Fiber.
Optical networks: Basics of WDM

Optical networks: Basics of WDM
Sirocco 20040 Peter Ruzicka Sirocco 20041 Results and research directions in ATM and optical networks

Sirocco Peter Ruzicka Sirocco Results and research directions in ATM and optical networks
1 IK1500 Communication Systems IK1330 Lecture 3: Networking Anders Västberg 08-790 44 55.

1 IK1500 Communication Systems IK1330 Lecture 3: Networking Anders Västberg
Dynamic Topology Optimization for Supercomputer Interconnection Networks Layer-1 (L1) switch –Dumb switch, Electronic “patch panel” –Establishes hard links.

Dynamic Topology Optimization for Supercomputer Interconnection Networks Layer-1 (L1) switch –Dumb switch, Electronic “patch panel” –Establishes hard links.
Jaringan Komputer Lanjut Packet Switching Network.

Jaringan Komputer Lanjut Packet Switching Network.
Optimization Problems in Optical Networks. Wavelength Division Multiplexing (WDM) Directed: Symmetric: Optic Fiber.

Optimization Problems in Optical Networks. Wavelength Division Multiplexing (WDM) Directed: Symmetric: Optic Fiber.
1 Routing and Wavelength Assignment in Wavelength Routing Networks.

1 Routing and Wavelength Assignment in Wavelength Routing Networks.
SMUCSE 8344 Optical Networks Introduction. SMUCSE 8344 Why Optical? Bandwidth Low cost ($0.30/yard) Extremely low error rate (10 -12 vs. 10 -6 for copper.

SMUCSE 8344 Optical Networks Introduction. SMUCSE 8344 Why Optical? Bandwidth Low cost ($0.30/yard) Extremely low error rate ( vs for copper.
Lecture: 4 WDM Networks Design & Operation

Lecture: 4 WDM Networks Design & Operation
1 EL736 Communications Networks II: Design and Algorithms Class3: Network Design Modeling Yong Liu 09/19/2007.

1 EL736 Communications Networks II: Design and Algorithms Class3: Network Design Modeling Yong Liu 09/19/2007.
Efficient Realization of Hypercube Algorithms on Optical Arrays* Hong Shen Department of Computing & Maths Manchester Metropolitan University, UK ( Joint.

Efficient Realization of Hypercube Algorithms on Optical Arrays* Hong Shen Department of Computing & Maths Manchester Metropolitan University, UK ( Joint.
Traffic Grooming in WDM Ring Networks Presented by: Eshcar Hilel.

Traffic Grooming in WDM Ring Networks Presented by: Eshcar Hilel.
Optic fiber Electronic switch the fiber serves as a transmission medium Optical networks - 1 st generation 1. Optical networks – basic notions.

Optic fiber Electronic switch the fiber serves as a transmission medium Optical networks - 1 st generation 1. Optical networks – basic notions.
Network Security Hwajung Lee. What is Computer Networks? A collection of autonomous computers interconnected by a single technology –Interconnected via:

Network Security Hwajung Lee. What is Computer Networks? A collection of autonomous computers interconnected by a single technology –Interconnected via:
1 Network Coding: Theory and Practice Apirath Limmanee Jacobs University.

1 Network Coding: Theory and Practice Apirath Limmanee Jacobs University.
Jan 13, 2006Lahore University of Management Sciences1 Protection Routing in an MPLS Network using Bandwidth Sharing with Primary Paths Zartash Afzal Uzmi.

Jan 13, 2006Lahore University of Management Sciences1 Protection Routing in an MPLS Network using Bandwidth Sharing with Primary Paths Zartash Afzal Uzmi.
Placement of Integration Points in Multi-hop Community Networks Ranveer Chandra (Cornell University) Lili Qiu, Kamal Jain and Mohammad Mahdian (Microsoft.

Placement of Integration Points in Multi-hop Community Networks Ranveer Chandra (Cornell University) Lili Qiu, Kamal Jain and Mohammad Mahdian (Microsoft.
Traffic Grooming in WDM Networks Wang Yao. WDM Technology increases the transmission capacity of optical fibers allows simultaneously transmission of.

Traffic Grooming in WDM Networks Wang Yao. WDM Technology increases the transmission capacity of optical fibers allows simultaneously transmission of.

Similar presentations

Ads by Google