Академический Документы
Профессиональный Документы
Культура Документы
1. INTRODUCTION
The tremendous growth of the Internet, the large increase in traffic demands and the relentless demand for
network capacity have produced a need for new flexible types of services. To deliver these, optical
communication systems have been deployed in many areas such as long-haul telecommunications, interoffice
communications, computer links and undersea systems [1]. Coupled with this development is a need for a
suitable infrastructure to manage such diverse requirements. These transmission systems suffer particularly from
Denial of Service (DoS) attacks because of the extremely high data rates and low Bit Error Rates (BERs) they
offer [2]. Since even short (in terms of duration) attacks can cause large amounts of data to be lost, the need for
securing optical networks has become increasingly apparent.
Optical network security can be classified into two separate, yet interrelated, types: Physical security and
semantic security [2]. The former promises to ensure integrity and privacy of information, as well as the Quality
of Service (QoS) by protecting the network against service disruption and service degradation. The latter focuses
on the protection of information even when an attacker has access to the transmission data channel.
This paper provides an overview of the security issues related to AONs. In particular, it focuses on the security
properties needed to comprehend the fundamental requirements of optical network security. Related work is
introduced and a case study of a reliable Network Management System (NMS) as a guarantee for secure
communication systems is presented. The paper concludes with a review of the essential elements for future
work within the Warwick group, leading towards the realisation of a suitable NMS.
impairments aggregate and can impact the signal quality as it progresses towards its destination, so that the
received BER at the destination node might become unacceptable high.
by the International Telecommunications Union (ITU), allows the BER measurement in WDM optical networks
[1]. In addition, further research material [5 -8] has been proposed, presenting new possible solutions and
methods of getting more information about BER and QoS measurements in AONs.
VN k-1
Tx
VN k+1
QoSG
Wavelength Mux
0 , 1, 2
VLPk
VN k
QoSG
Wavelength Demux
Rx
VLPk-1
VNN-1
Optical
Switch
0 , 1 , 2
Optical
Switch
0 , 1, 2
Output signals
tap
0 , 1, 2
Transparency Optical
Node (TON)
QoS guard
(QoSG)
0 , 1, 2
QoSG
Input signals
0 , 1, 2
0
0
0
1, 2
Rx 1
Rx 2
Rx 3
Network
Control
Plane
Tx 1
(NCP)
Tx 3
Tx 2
OPU
OPU
1 , 2
OPU
0
0
OPU
1 , 2
OPU
1 , 2
OPU
1 , 2
QoS Unit
1 , 2
(QoSU)
Alarm
Network Mangement System (NMS)
PM
FM
CM
SM
AM
SFM
6. CONCLUSIONS
This paper has presented an overview of security issues in AONs emphasising the challenges that are peculiar to
their operation. In an All-Optical Network, problems rising from physical security and means of protecting
against service disruption and service degradation cannot be tackled using supervisory methods, such as offline
testing or BERTS. In addition, due to high data rates, any attack even for a short duration of time can result in a
large loss of information.
The presence of an NMS is essential to ensure efficient, secure, and continuous operation of any network.
Specifically it handles the management of configuration, faults, performance, accounting, and security; aspects
which are usually interlinked to one other. A key component in this system is the performance management as it
provides signal quality measurements at very low bit BER and fault diagnostic support for the fault management.
Due to the analogue nature of transparent signals, performance management is still a major complication for
TONs. For this purpose, we have proposed a novel approach based on a link-by-link test method for detecting
performance degradation in wavelength-routed WDM optical networks, which can participate in fault and
performance management of AONs.
Despite new methods for detection and localisation of attacks having been proposed in the literature, all
techniques are still in their infancy, offering new directions for future research. As a motivation, the detection
and identification of subtle forms of attack as well as miscellaneous transmission impairments which can cause
cumulative data degradation through a network remain open problems for further work.
REFERENCES
[1]
[2]
[3]
[4]
[5]
[6]
[7]
[8]
[9]
[10]
[11]
[12]
[13]
R. Ramaswami, K. N. Sivarajan: Optical Networks, A Practical Perspective, New York: Academic Press.
M. Mdard et al.: Security Issues in All-Optical Networks, IEEE Network, vol. 3, no. 11, pp. 42-48, 1997.
M. Mdard, S. R. Chinn, P. Saengudomlert: Node wrappers for QoS monitoring in transparent optical
nodes, J. High Speed Networks, vol. 10, no. 4, pp. 247-268, 2001.
B. Ramamurthy et al.: Impact of Transmission Impairments on the Teletraffic Performance of
Wavelength-Routed Optical Networks, J. Lightwave Technol., vol. 17, no. 5, pp. 759-764, 1999.
M. Mdard, D. Marquis, S. R. Chinn: Attack Detection Methods for All-Optical Networks. Network and
Distributed System Security Symposium, session 3, paper 2, San Diego, March 11-13, 1998.
M. Mdard, S. R. Chinn, P. Saengudomlert: Attack Detection in All-Optical Networks, Proc. Optical Fiber
Commun. 98 (OFC98), pp. 272-273, San Jose, February 22-27, 1998.
R. Bergman, M. Mdard, S. Chan: Distributed Algorithms for Attack Localization in All-Optical
Networks, Network and Distributed System Security Symposium, session 3, paper 1, San Diego, 1998.
P. Saengudomlert, M. Mdard: Guaranteeing BER in Transparent Optical Networks Using OOK
Signaling, IEEE J. on Selected Areas in Commun., vol. 20, no. 4, May 2002, pp. 786-799.
Brian J. Wilson, et al.: Multiwavelength Optical Networking Management and Control, J. Lightwave
Technol., vol. 18, no. 12, December 2000.
H. Zang, et al.: Dynamic Lightpath Establishment in Wavelength-Routed WDM Networks, IEEE
Commun. Mag., vol. 39, no. 9., pp. 100-108, 2001.
A. Banerjee, et al.: Generalized Multiprotocol Label Switching: An Overview of Routing and
Management Enhancements, IEEE Commun. Mag., vol. 39, no.1, pp. 144-150, 2001.
D. Awduche Y. Rekhter: Multiprotocol Lambda Switching: Combining MPLS Traffic Engineering
Control with Optical Crossconnects, IEEE Commun. Mag., vol. 39, no. 3, pp. 111-116, March 2001.
Banerjee, et al., Generalized Multiprotocol Label Switching: an Overview of Signaling Enhancements and
Recovery Techniques, IEEE Commun. Mag., vol. 39, no. 7, pp. 144-151, 2001.