Optical-network security is attracting increasing research attention, as loss of confidentiality of data transferred through an optical network could impact a huge number of users and services. Data encryption is an effective way to enhance optical network security. In particular, quantum key distribution (QKD) is being investigated as a secure mechanism to provide keys for data encryption at the end-points of an optical network. In a QKD-enabled optical network, apart from traditional data channels (TDChs), two additional channels, called quantum signal channels (QSChs) and public interaction channels (PIChs), are required to support the secure key synchronization. How to allocate network resources to QSChs, PIChs, and TDChs is emerging as a novel problem for the design of a security-guaranteed optical network. This article addresses the resource-allocation problem in optical networks secured by QKD. We first discuss a possible architecture for a QKD-enabled optical network, where a software-defined networking (SDN) controller is in charge of allocating the three types of channels (TDCh, QSCh, and PICh) over different wavelengths exploiting wavelength-division multiplexing (WDM). To save wavelength resources, we propose to adopt optical time-division multiplexing (OTDM) to allocate multiple QSChs and PIChs over the same wavelength. A routing, wavelength, and time-slot assignment (RWTA) algorithm is designed to allocate wavelength and time-slot resources for the three types of channels. Different security levels are included in the RWTA algorithm by considering different key-updating periods (i.e., the period after which the secure key between two end-points has to be updated). Illustrative simulation results show the effects of different security-level configuration schemes on resource allocation.
Software-defined optical networking (SDON) will become the next generation optical network architecture. However, the optical layer and control layer of SDON are vulnerable to cyberattacks. While, data encryption is an effective method to minimize the negative effects of cyberattacks, secure key interchange is its major challenge which can be addressed by the quantum key distribution (QKD) technique. Hence, in this paper we discuss the integration of QKD with WDM optical networks to secure the SDON architecture by introducing a novel key on demand (KoD) scheme which is enabled by a novel routing, wavelength and key assignment (RWKA) algorithm. The QKD over SDON with KoD model follows two steps to provide security: i) quantum key pools (QKPs) construction for securing the control channels (CChs) and data channels (DChs); ii) the KoD scheme uses RWKA algorithm to allocate and update secret keys for different security requirements. To test our model, we define a security probability index which measures the security gain in CChs and DChs. Simulation results indicate that the security performance of CChs and DChs can be enhanced by provisioning sufficient secret keys in QKPs and performing key-updating considering potential cyberattacks. Also, KoD is beneficial to achieve a positive balance between security requirements and key resource usage.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.