Upload
lynette-kelley
View
226
Download
0
Tags:
Embed Size (px)
Citation preview
Multi-layered Optical Network Security
Hwajung Lee
Department of Information Technology
Radford University
Contents
BackgroundResearch Goal and Three Main Results
Survivable Optical Layer Design Survivable IP Layer Design Reconfiguration preserving Survivability
Concluding Remarks
Regeneration/AdaptationO-E-O
SONETTerminal
IP Router
All Optical
Networks
All Optical
Networks
All Optical
Networks
All Optical Networks
Extremely high data rate
AON Security Characteristics
• 1.6 Terabits per second is equivalent to 320 million
Pages/sec of informationIf eavesdropping attack lasts only 1 second, 320 million
page of classified information could be compromised.
• 1.6 Terabits per second is 25 million simultaneous
telephone conversation.If a link failure lasts only 1 second, 25 million
simultaneous telephone conversation could be disrupted.
Short and infrequent attacks or failures can result in loss of large amounts of data.
Any Security Solutions?
ConfidentialityIntegrity
Cryptography (PKI, Digital Signature…)
Availability
We have a security hole to fill in.
:by guaranteeing the network survivability.
Network Model: lP over WDM Network
More layers in an overlay modelsCons More Redundant
functions Large header data
Thus, getting simpler.
ATM
ATM
IP
IP
IP IP
WDM Optical Network
SONET/SDH
SONET/SDH
Terminology
WDM : Wavelength Division MultiplexingLightpath : Transfer Path from Source to Sink
in Optical NetworkFault Propagation : Failure from a layer
propagates into other network layers.Logical Topology : IP layerPhysical Topology : WDM layerLogical topology (Upper Layer) is called
survivable if it remains connected under an impact of fault propagation in the presence of a single optical link (Lower Layer) failure.
What is WDM?
Mux Demux
R
R
R
R
R
End User End UserEnd User
End UserEnd UserEnd User
End User
C
A B
C
A B
EmbeddingFault Propagation
Cons of WDM Protection1. Requires to reserve extra resources.2. Can be failed.
Not Survivable
LogicalTopology
R
R
R
R
R
End User End UserEnd User
End UserEnd UserEnd User
C
A B
C
A B
Example of a Survivable Logical Topology
SurvivableR
R
R
R
R
End U ser End U serEnd U ser
End U serEnd U serEnd U ser
End User
CA B
End User
LogicalTopology
Sometimes, there is no way to have a Survivable
Logical Topology Embedding on a Physical Topology.
Survivable Logical Topology
e1
e2
…
…a
c
b
d …
…
…
…
d
b
c
a
Electronic Layer= Logical Topology
Optical Layer= Physical Topo.
2-Edge Connected
Research Goal
Logical topology
Physicaltopology
Support Survivability in IP over WDM network against a single link failure in an WDM network.
1st Problem : Design of Survivable IP over WDM Ring Networks
Main Result 1
LemmaFour Nodes
a b
c d
G rightG left e i
e j
a
c ...
... b
d...
...a
c ...
... b
d...
...
e i
e j
a b
c
a b
c d d
Lemma (Cont.) Three Nodes
a b
c
e i
e j
G rightG left a
c ...
... b
...
...
e i
e j
a b
c
a b
c
Lemma (Cont.)
Suppose G is 2-edge-connected and G0 is a ring. For any edge cut of size two {(a, b), (c, d)} in G, nodes f(a), f(c), f(b), f(d), in this order, may not be lay out in G0 in the clockwise or counterclockwise direction.
Embedding Algorithm
a
gh
f
ecd
b
kl
j
ia
gh
f
ecd
b
kl
j
i
G le ft G right
G lle ft
G rle ft
a
cd
b
a
cd
b
G le ft G right
d
a b
a
cd
b
cd
a b
a
gh
f
ecd
b
kl
j
i
G le ft G right
G lle ft
G rle ft
e
fg
h
a
gh
f
ecd
b
kl
j
i
e c d
ab
fg h
j
kl
i
a
gh
f
ecd
b
kl
j
i
G le ft G right
G lle ft
G rle ft
cd
a b
e
fg
h
Theorem
Given a 2-edge-connected IP topology G and a ring network G0 as the WDM optical network topology, there exists a mapping of G into G0 such that G is tolerant to the failure of any single link in G0.
Main Result 2
Logical topology
Physicaltopology
2nd Problem : Design of Survivable Virtual Topology in IP over WDM
Does Survivable Embedding
Exist?
Add Additional links on
the Logical Topology
Yes No
Done
Survivable LT design possible Completely connected (i.e., (n-1)-edge connected)
NO survivable LT design when logical topology G is 2-edge connected 3-edge connected 4-edged connected
Degree Constraints Survivable LT design possible when min. degree >= No survivable LT design for min. degree <= ( -1)
Experimental Results – Near Optimal
2n 3
n 2
Problem Complexity
1
43
525
3 4
2
1
Complete Graph: Survivable
k
a 2
b 1
f
e h
b 2
i
a 1
d 1
c 1
g
c 2
l
jd 2
C 1
C 2
C 3C 4
a 1
f
b 2
a 2
e
b 1
k
3-edge Connected Graph: not Survivable
b1
b3
b2
b4
c1
c3
c2
c4
d1
d3
d2
d4
e1
e3
e2
e4
a1
a3
a2
a4
C1
C2
C3
C4
a1
a4
a2
a3
e2
e1
e4
e3
c4
c2
c3
c1
b4
b3b2
b1
d3
d1
d4
d2
4-edge Connected Graph: not Survivable
n-10
n/4+1
n/3-1
n/4
n/2n/2-1 2n/3
n/2+j
L R
Number of Nodes = b Number of Nodes = b
j n-j-1...
... ...
.... . .
...
...
...
si +i (L); si - I + n -1(R)
t: highest index in L smallest_component4 cases: t -1; t ; t -2; t= -1
n 6
n 6
n 4
n 3
n 4
n 3
n 3
Shortest Path Routing: Survivable if (minimum d ) 2n
3
: Vodd
: Veven
Kn/2-1 Graphn-1Kn/2-1 Graph 0
0 n-1
... .........
...
Shortest Path Routing: not Survivable if (minimum d -1 )
n 2
Heuristic Algorithmbased on Shortest Path Routing
Embed logical links to lightpaths.
Cut each optical linkand Calculate
the # of Components.
Find an optical link (x,y)with the maximum # of
components.
optical link (x,y)# of components
sets of components={C1, C2, …}
Max # = 1 Done
Add an additional lightpathconnecting a node
from Ci to a node from Cj
without using (x,y).No
No
Yes
Numerical Results# of Simulations = 1000
n = 100
0
5
10
15
20
25
0.02
80.
040.
060.
08 0.1
0.2
link probability p
aver
age
# o
f ad
dit
ion
al l
igh
tpat
hs
2 edge-connected
arbitrary
22.953
7.037
1.8611.938
0.0080.0023.357
Numerical Results# of Simulations = 1000
n = 200
0123456789
10
0.02
80.
040.
060.
08 0.1
0.2
link probability p
aver
age
# o
f ad
dtio
nal
lig
htp
ath
s
2 edge-connected
arbitrary
8.889
0.4940.549 0.023
0.027
4.632
Numerical Results# of Simulations = 1000
n = 300
-1
1
3
5
7
9
11
0.02
80.
050.
070.
090.
110.
130.
15
link probability p
aver
age
# o
f ad
dti
on
al l
igh
tpat
hs
2 edge-connected
arbitrary
10.293
0.533
5.585
0.814
0.0270.027
Main Result 3
Physicaltopology
3rd Problem : Reconfiguration of Virtual Topologies Preserving Survivability
Survivable Embedding has been done.
Logical topology
NewLogical
topology
New Survivable Embedding
Reconfiguration of Survivable Logical Topologies
0 1
23
0 1
23
0 1
23
Survivable Logical Topology = G1 Survivable Logical Topology = G2
Physical Topology = Gp# of Ports = 3
Add G2\G1 to form G1 G2
Delete G1\G2
# of Wavelength = 3
What if # of Wavelength < 3 or # of Ports < 3
Problem Complexity
Sometimes, we need to… Modify the current embedding of some
lightpaths in G1 G2 . Temporarily delete and reestablish some
lightpaths in G1 G2 due to the wavelenth constraint.
Temporarily add some lightpaths not in G1 G2 and delete to guarantee the survivability during the reconfiguration.
Simple Reconfiguration Approach
add a lightpath btw each pair of adjacent nodes,
delete all lightpaths in G1 except the above, and
establish all lightpaths in G2 based on its survivable embedding.
If the current lightpath setup uses W-1 wavelength
in each optical link and upto p-2 ports at each node,
1
2
3 4
5
6
W = 4, p = 6
Limitation of Simple Reconfiguration Approach
1
42
n
3
...n -k + 2
n -kn -k + 1
......
W = n- k + 1
MinCostReconfiguration Cost = # of add * UnitCostadd + # of delete * UnitCostdelete
Given Input : M1, M2, Gp
Output : Wadd,
Wadd = Wreconfig – max{WM1, WM2
}
Constraintsthe number of port p, the number of wavelength W
Objectives(1) To minimize Wreconfig while reconfiguration cost is
preserved minimum.(2) During the entire period of reconfiguration,
(1) The logical topology remains survivable (2) The port p and wavelength W constraints are satisfied.
MinCostReconfiguration Survivable Embedding, M2,
Of G2 to GP
Compare M2 with the currentsurvivable embedding M1
and Generate ADD set andDELETE set
Add lightpaths in ADDas long as
not violate W constraint
Delete lightpaths in DELETEas long as not violatesurvivability constraint
Wreconfig=max{WM1,WM2
}
ADD = ø andDELETE = ø
Any Additionand Deletion
Wreconfig = Wreconfig + 1
Done
Yes
Yes
No
No
Numerical Results # of Simulations per each case = 500
n = 8
Max Min Avg Max Min Avg Max Min Avg10% 1 0 0.008 8 4 5.784 8 3 5.464 1.091 1.40020% 2 0 0.068 8 3 5.770 7 3 5.388 2.375 2.80030% 2 0 0.100 8 3 5.692 8 3 5.380 3.762 4.20040% 2 0 0.122 8 4 5.806 8 3 5.282 5.420 5.60050% 2 0 0.076 8 4 5.800 8 3 5.368 6.710 7.00060% 2 0 0.062 8 3 5.796 8 3 5.180 8.212 8.40070% 2 0 0.092 8 3 5.772 7 3 5.086 9.433 9.80080% 2 0 0.064 8 3 5.772 8 3 4.850 10.869 11.20090% 1 0 0.066 8 4 5.750 7 3 4.736 12.099 12.600
Average 8 3.4 5.771 7.7 3 5.193
# of Diff Conn Req. (from Simulation)
Expected # of Diff Conn Req.(Calculated)
<WADD> <WM1> <WM2>
DiffFactor = (# of different conn. Req.) (total # of possible conn. Req.)
Wadd = Wreconfig – max{WM1, WM2
}
Numerical Results# of Simulations per each case = 500
n = 16
Max Min Avg Max Min Avg Max Min Avg10% 3 0 0.034 21 10 14.588 19 8 13.360 5.971 6.00020% 1 0 0.008 20 11 14.668 20 7 13.026 12.155 12.00030% 2 0 0.012 21 9 14.698 20 7 14.330 17.790 18.00040% 4 0 0.064 22 10 14.726 19 9 14.586 24.118 24.00050% 5 0 0.076 20 10 14.528 19 9 14.536 29.923 30.00060% 3 0 0.046 21 10 14.610 20 9 14.426 35.977 36.00070% 2 0 0.020 21 10 14.624 19 6 14.182 42.221 42.00080% 1 0 0.008 22 10 14.594 19 7 13.158 47.889 48.00090% 1 0 0.008 21 10 14.506 20 9 13.332 54.062 54.000
Average 21 10.0 14.616 19.4 7.9 13.882
# of Diff Conn Req. (from Simulation)
Expected # of Diff Conn Req.(Calculated)
<WADD> <WM1> <WM2>
Max Min Avg Max Min Avg Max Min Avg10% 3 0 0.104 52 34 42.742 52 34 42.802 24.904 24.80020% 3 0 0.114 52 33 42.988 54 32 42.716 49.400 49.60030% 4 0 0.140 54 35 43.100 52 35 42.916 74.557 74.40040% 2 0 0.074 52 34 43.020 52 34 42.802 98.931 99.20050% 3 0 0.094 53 34 42.896 56 34 42.896 124.731 124.00060% 4 0 0.086 52 34 42.714 52 36 42.634 148.447 148.80070% 3 0 0.084 52 35 42.710 56 34 42.468 173.743 173.60080% 3 0 0.046 53 34 42.834 53 34 42.614 198.260 198.40090% 7 0 0.056 54 34 42.824 53 33 42.822 223.142 223.200
Average 53 34.1 42.870 53.3 34 42.741
# of Diff Conn Req. (from Simulation)
Expected # of Diff Conn Req.(Calculated)
<WADD> <WM1> <WM2>
Numerical Results# of Simulations per each case = 500
n = 32
Numerical ResultsDiffFactor = 2(|E(G1)-E(G2)|+|E(G2)-E(G1)|)/n(n-1)
500 Simulations for Each Case
0.008
0.068
0.100
0.122
0.076
0.062
0.092
0.064 0.066
0.034
0.0080.012
0.064
0.076
0.046
0.020
0.008 0.008
0.104
0.114
0.140
0.074
0.094
0.086 0.084
0.046
0.056
0.000
0.020
0.040
0.060
0.080
0.100
0.120
0.140
0.160
10% 20% 30% 40% 50% 60% 70% 80% 90%
Difference Factor
# o
f A
dd
itio
na
l Wa
ve
len
gth
s
Avg (n=8)
Avg (n=16)
Avg (n=32)
Concluding Remarks
Sometimes, there is no way to have a Survivable
Logical Topology Embedding
on a Physical Topology.However, the results say that we can always find
a way to have a survivable embedding by carefully designing a WDM topology or an IP topology.
Moreover, by using a small number of additional lightpath, we can always preserve survivability while the reconfiguration is being proceeded.
Thank you