Optica Publishing Group

Autonomic end-to-end quality-of-service assurance over QKD-secured optical networks

Open Access

Abstract

Quantum key distribution (QKD) provides future-proof security for data communications over optical networks. Sophisticated QKD systems are now being developed, and the scale of QKD-secured optical networks (QKD-ONs) is growing. Given the complex network conditions and dynamic end-to-end security services in QKD-ONs, autonomic management and control becomes a promising paradigm to support end-to-end quality-of-service (QoS) assurance in an efficient and stable way without requiring human intervention. Hence, enabling and utilizing autonomic functionalities over QKD-ONs to realize end-to-end QoS assurance becomes a challenge. This work enhances the software defined networking (SDN) technique to tackle this challenge, because SDN adds programmability and flexibility to the management and control of QKD-ONs. A new architecture of SDN-based QKD-ONs supporting autonomic end-to-end QoS assurance is designed, where a knowledge engine with autonomic control loops is developed in the SDN controller. We present the autonomic end-to-end QoS assurance procedure and the cross-layer collaborative QoS assurance (CLC-QA) strategy for implementing the autonomic functionalities at the network level over QKD-ONs. We also establish an experimental testbed of SDN-based QKD-ONs supporting autonomic end-to-end QoS assurance and perform numerical simulations to verify the proposed approaches. Experimental results demonstrate that the presented approaches achieve millisecond-level overall latencies of 337 ms and 618 ms for the first and second autonomic adjustment, respectively, without human intervention in the case of autonomic QoS protection. Moreover, the CLC-QA strategy is evaluated under different traffic loads against a baseline strategy without cross-layer collaboration: it improves the protection success ratio by 22.5% and saves 5.7% of the average key consumption.

© 2024 Optica Publishing Group under the terms of the Optica Open Access Publishing Agreement

1. Introduction

The development of digitalization with the help of cloud computing and the expansion of end-users in various fields has resulted in high-volume and large-scale data communications. The global information infrastructure relies on optical fiber communications using optical networks. Since a large amount of sensitive and confidential information from critical societal services is exchanged over optical networks, the optical networks need to function in a secure and agile way [1]. However, malicious parties are already gathering encrypted data in the expectation that future advances in quantum computing will allow them to decrypt it. This would expose valuable information to eavesdropping and is a critical threat to network security. Quantum key distribution (QKD) can share keys between remote parties for encrypted data communication with future-proof information-theoretic security based on quantum physics, making networks resilient against quantum threats. Hence, with the increasing security threats over optical networks and the growing cryptographic demands of applications, QKD-secured optical networks (QKD-ONs) have emerged as a promising solution for realizing secure communications [2].

Several experimental and commercial fibre-based QKD networks have been built and operated worldwide in the last decade, such as SECOQC, Tokyo, and China’s Beijing-Shanghai QKD networks [3,4]. Demonstrational applications of QKD in financial institutions, government networks, and critical infrastructures such as the power grid have been explored [5]. The standardization activities for QKD networks are ongoing step by step, which can potentially promote the advancement of QKD technology and its transformation into practical applications [6]. QKD-ONs deploy fibre-based QKD systems on optical nodes and links and supply the generated QKD keys to cryptographic applications. The software-defined-networking-based control method [7], the QKD as a service framework [8], the key-pool based key management schemes [9,10] and the key-relay routing strategies [11,12] have been proposed for deploying and operating QKD-ONs efficiently to satisfy the requirements of services. Quality of service (QoS) assurance is an important issue for QKD-ONs. The ITU-T recommendations have specified the QoS aspects of QKD networks from the perspectives of requirements [13], QoS parameters [14], and functional architecture [15]. A novel flexible QoS model and a greedy perimeter stateless routing protocol have been provided for QKD networks, which minimize the average delay and increase the packet delivery ratio [16].

Due to the complex network conditions and various application scenarios, QKD-ONs face the challenge of ensuring end-to-end QoS in a stable way for key generation, distribution and supply [17]. On the one hand, because one QoS policy is not always the best suited policy under different network conditions, it is essential to adjust the QoS policy in a timely manner for realizing a specific objective while being aware of the network conditions. On the other hand, since the dynamically arriving services in various applications have different characteristics and requirements, it is important to efficiently select the suitable QoS policy and stably provision the services. Especially in QKD-ONs, the current key generation rate is relatively low, and delayed human actions to assure QoS can leave sensitive data over optical fibers exposed to eavesdropping with high risks [18]. Taking an autonomic approach to control and management by using autonomic control loops has been much researched in the network management community since the early 2000s [19]. Autonomic management and control mechanisms can enable QKD-ONs to adjust to the varying network conditions and service demands in a timely and efficient manner without requiring human intervention. Enabling autonomic functionalities in QKD-ONs is a practical solution to cope with the challenges of end-to-end QoS assurance.

The autonomic functionalities rely on the control-loops which consist of four main phases, i.e., observation, analysis, decision, and action [20]. These phases can enable the QKD-ON to sense its environment, understand its QoS situation, make QoS policy decisions and take actions accordingly, so as to realize the end-to-end QoS assurance in QKD-ONs. The cognitive optical network concept was proposed, which can perceive current optical network conditions, and then plan, decide, and act on those conditions while taking into account end-to-end goals [21,22]. Software defined networking (SDN) plays an important role in autonomic management and control by providing centralized and programmable network control and management [23,24]. A system architecture for autonomic operation, administration and maintenance of both the optical and digital layers considering autonomic networks and synergy with SDN was studied [25]. A knowledge graph-driven methodology for SDN-based autonomic network management was presented in optical networks in [26].

Several studies have enabled SDN in QKD-ONs for routing and key provisioning for QoS assurance. The integration of network function virtualization over SDN-controlled QKD-ONs was shown for the first time [27]. A QKD-aware centralized SDN controller is utilized to provide dynamicity in QKD-ON switching and rerouting [28]. A QKD-aware SDN application capable of real-time QKD-ON monitoring and controlling was implemented to provide on-demand encryption algorithms for network services [29]. A software-defined heterogeneous QKD chaining was designed to enable multi-protocol QKD networks with high efficiency [30]. We have taken the lead recently in developing the ITU-T recommendations to specify the requirements for autonomic QoS assurance in QKD networks as the standardization efforts [31]. However, there has been no systematic solution for autonomic end-to-end QoS assurance such as autonomic protection/recovery in QKD-ONs. It is significant to study the autonomic-functionality-enabled network architecture and QoS assurance procedures to realize the autonomic end-to-end QoS assurance in QKD-ONs.

This paper extends the work of the OECC2023 post-deadline-paper in the conference version [32]. It demonstrates the novel autonomic end-to-end QoS assurance in SDN-based QKD-ONs, by introducing a knowledge engine with cross-layer collaborative QoS assurance (CLC-QA) strategy. Our major contributions are as follows: 1) a new architecture of SDN-based QKD-ONs is proposed to support autonomic end-to-end QoS assurance, where the knowledge engine is developed in the SDN controller; 2) general procedures of autonomic end-to-end QoS assurance in QKD-ONs based on the proposed architecture are designed, which can facilitate the achievement of different QoS objectives; 3) a cross-layer collaborative QoS assurance (CLC-QA) strategy is proposed for the QoS assurance in the network level in QKD-ONs; 4) an experimental testbed of SDN-based QKD-ON supporting autonomic end-to-end QoS assurance is established, and the results show the overall feasibility and efficiency of the proposed solution in terms of latency, protection success ratio and average key consumption.

The rest of this paper is structured as follows. The basic concepts and techniques are introduced in Section 2. The new architecture of SDN-based QKD-ONs is illustrated in Section 3. The general procedures and the cross-layer collaborative strategy for implementing the end-to-end QoS assurance in QKD-ONs are presented in Section 4. The experimental testbed and results are demonstrated in Section 5. Finally, Section 6 concludes this study.

2. Basic concepts and techniques

This section introduces basic concepts and techniques for autonomic end-to-end QoS assurance over QKD-ONs, including the QKD-ON components, QoS assurance over QKD-ONs and autonomic functionalities. The QKD-ON is formed by deploying QKD modules and links co-located with optical modules and links, where the QKD keys generated between two nodes are supplied to cryptographic applications to realize secure communications [2]. The cryptographic applications are in the user network and require a specific number of keys for data encryption to establish the secure communication. The key-management function is to receive and manage the keys generated by QKD modules and links, relay the keys, and supply the keys to cryptographic applications [33]. It is enabled by key managers (KMs) connected via KM links. The KM receives, synchronizes and re-formats random bit strings from the QKD module(s) located in the same node, and stores them as keys in its storage. To satisfy the requirements of the cryptographic application, the necessary number of keys from the KM are supplied in an appropriate format to the cryptographic application. Key relay operations are needed if there are no direct KM links between cryptographic applications.

QoS is defined as the totality of characteristics of a service that bear on its ability to satisfy the stated and implied needs of the service user. Figure 1 shows the scope of autonomic end-to-end QoS assurance over QKD-ONs. The end-to-end QoS over the QKD-ON consists of the performance of the whole QKD-ON and the key supply for cryptographic applications [15]. From an application perspective, the QoS information about keys, such as key length, key amount, and node pair names or IDs, is exchanged between cryptographic applications and KMs. From the control perspective, the controller is responsible for communicating control information with the QKD-ON infrastructure and is able to deliver QoS requests on behalf of cryptographic applications. From the QKD-ON infrastructure perspective, the QoS information of key relay, key synchronization and authentication, as well as the information related to the size and volume of the QKD keys, are transferred via KM links; the quantum signals are transmitted over the quantum channel and the information for synchronization and key distillation is exchanged over the classical channel in QKD links, where QoS information such as the secure key rate is available; the QoS information about optical channels and optical cross connectors (OXC), such as the signal-to-noise ratio, is exchanged via optical links.


Fig. 1. Scope of autonomic end-to-end QoS assurance over QKD-ONs.


Autonomic functionalities are about decision-making elements (DEs) with closed control loops, which are responsible for autonomic management and adaptive control of network resources, parameters, systems and services [23]. As shown in Fig. 1, DEs implement the autonomic control loop including observation, analysis, decision and action phases. By introducing autonomic DEs in QKD-ONs, auto-properties for QKD-ONs such as auto-configuration, auto-protection/recovery and auto-optimization can be realized. Knowledge plays an important role in autonomic DEs, which is the valuable network information derived by processing the collected QoS data, and can be used to make decisions autonomically for QoS assurance and network performance improvement [34]. The observation phase involves collecting QoS information of QKD-ONs such as the status of QKD modules, OXCs and KMs. The analysis phase involves normalizing, comparing and learning the observed data to form the valuable knowledge of QKD-ONs for improving the understanding of QoS information and objectives. The decision phase involves selecting and planning the proper course of actions to achieve a desired objective, which are based on the achieved knowledge of QKD-ONs. The action phase is to execute and evaluate the chosen action using the basic control and management functionalities of QKD-ONs. The action results related to effectiveness and efficiency will also be used to provide feedback for the further observation and analysis. The SDN technique can provide open control capability of enforcing autonomic decision policies and is suitable to implement the autonomic DEs since it has centralized control and programmable abilities.

3. Architecture of SDN-based QKD-ONs supporting autonomic end-to-end QoS assurance

To support the autonomic end-to-end QoS assurance, we design the architecture of SDN-based QKD-ONs by embedding the autonomic functionalities. The architecture of SDN-based QKD-ONs supporting autonomic end-to-end QoS assurance is shown in Fig. 2. The architecture consists of five layers, from bottom to top: the optical layer, quantum layer, key management layer, control and management layer and service layer. The optical, quantum, and key management layers have the node and link infrastructures of the QKD-ON, where the classical transmission, key generation and management are enabled. The control and management layer has the SDN controller enhanced with the autonomic functionalities. The service layer has various cryptographic applications requiring QKD keys for secure communications. The five layers in the proposed architecture are elaborated as follows.


Fig. 2. Architecture of SDN-based QKD-ONs supporting autonomic end-to-end QoS assurance


There are OXCs and optical links in the optical layer. An OXC is an optical transmission device that can switch optical signals between different optical links; optical links implement the classical data channels over which the data encrypted by QKD keys is transmitted. In the quantum layer, a pair of QKD modules connected by a QKD link generates QKD keys by using QKD protocols such as the BB84 protocol. The KMs enable the key supply and key store functions in the key-management layer. A key-management link connects KMs to perform information-theoretically (IT) secure key relay and communications between KMs. A network node in the architecture is the abstraction of the OXC, QKD module, and KM; a network link in the architecture is the abstraction of the optical, QKD, and KM links. The network nodes and links are under the control of the SDN controller. The communication between the SDN controller and a network node is via the southbound interface (SBI), implemented by SDN southbound protocols such as NetConf and OpenFlow. The service layer initiates cryptographic applications with end-to-end QoS requirements, which consume keys from the key management layer. The SDN controller communicates with the service layer using the northbound interface (NBI), implemented by SDN northbound protocols such as HTTP and WebSocket.

In the control and management layer, an SDN controller is deployed to control and manage the QKD-ON. Traditionally, it has the basic control functions including routing control for key relay, configuration control for links, access control for authentication and authorization, session control for services and policy-based control for QoS and charging policies. The traditional fault, configuration, accounting, performance and security (FCAPS) management functions for basic QoS assurance are also enabled. To satisfy the QoS requirements, there are QoS assurance functions specific to each layer for interacting with each layer’s control and management function. The basic QoS functions include QoS planning, QoS monitoring, QoS analyzing, QoS optimizing, and QoS provisioning [15]. OpenDaylight (ODL) [35] and Open Network Operating System (ONOS) [36] are two mainstream SDN controllers, and we develop the specific control and management functions on the ONOS controller platform in this study. To support the autonomic end-to-end QoS assurance, the SDN controller is enhanced with the knowledge engine and the autonomic end-to-end QoS assurance orchestration. The knowledge engine provides the functionalities necessary to support autonomic control and management and to satisfy the autonomic QoS assurance requirements in the QKD-ON. It realizes knowledge storing and exchange, information translation and the autonomic control loops of observation, analysis, decision and action. These functions can be implemented in the SDN controller by leveraging the advantages of SDN control. They can also be implemented by a knowledge plane, which is not confined to the SDN controller. The new knowledge engine functions, along with the basic control functions and basic QoS assurance functions, are orchestrated together for the autonomic end-to-end QoS assurance.

The detailed functions and their relationships in the knowledge engine are shown in Fig. 2. The core elements include the knowledge repository, model-based information translation (MBIT), the network-level DE and local DEs specific to the different layers. Knowledge is formed during the autonomic control loops from the QKD-ON status and performance through observation and analysis, and is treated as the important reference for decision and action. The knowledge repository stores the formed knowledge of the QKD-ON and supports knowledge updates in real, near-real, and/or non-real time. Knowledge is exchanged between the knowledge repository and the other elements. The MBIT function translates heterogeneous information such as QoS requirements into layer-specific provisioning rules. DEs realize the autonomic control loops. Two types of DEs are designed, the network-level DE and local DEs specific to the different layers, so that autonomic QoS planning, autonomic QoS provisioning, autonomic QoS optimization and autonomic QoS protection/recovery can be implemented efficiently. Local DEs realize fast closed control loops at the network element level for autonomic QoS assurance; they include the optical layer DE, quantum layer DE, key management layer DE and control and management DE. The network-level DE in the QKD-ON provides global autonomic end-to-end QoS assurance, such as supporting network-wide autonomic routing. Its implementation needs the cross-layer collaboration of the local DEs under the instruction of the autonomic end-to-end QoS assurance orchestration function.

4. Autonomic end-to-end QoS assurance approach

In this section, we present the general autonomic end-to-end QoS assurance procedures in QKD-ONs with local DEs and network-level DEs, which include the cross-layer collaborative QoS assurance (CLC-QA) strategy.

4.1 General procedures

The general procedures for intercommunication between the functional elements in the five QKD-ON layers need to be designed so as to achieve the different autonomic end-to-end QoS assurance objectives in QKD-ONs. For the network initialization, the SDN controller maintains keep-alive connections with each QKD-ON node through the SBI. After the QKD-ON initialization, the cryptographic applications in the service layer generate the QKD-ON request and send it to the basic control functions in the SDN controller through the NBI. Figure 3 shows the general procedure of autonomic end-to-end QoS assurance in QKD-ONs for a service request with QoS requirements. The QoS requirement information is sent to the knowledge engine for QoS information translation by the MBIT function. Here, the translation model is not restricted and is determined by the QKD-ON operators. The autonomic QoS assurance orchestration function obtains the translated autonomic end-to-end QoS provisioning rules and can orchestrate the DEs in the network for end-to-end QoS assurance.


Fig. 3. General procedure of autonomic end-to-end QoS assurance in QKD-ONs


The orchestration information provides the operation guide for the different DEs in the QKD-ON. Two operation cases are considered in this step: the need for a local DE and the need for a network-level DE. If a local DE specific to a QKD-ON layer is needed, the observation-analysis-decision-action control loop is conducted. Firstly, the knowledge engine starts the observation using the basic QoS assurance functions. The QoS-related data of the QKD-ON nodes in the network is autonomically observed and reported back to the knowledge engine. The observed QoS data is specific to the QKD-ON layer where the local DE is located. Then, the knowledge engine analyzes the observed QoS data to form the layer-specific knowledge, which is derived by processing the QoS data collected from the specific layer, e.g. the optical layer, quantum layer, key management layer, or control and management layer. Examples of the layer-specific knowledge and the considered parameters are given in Table 1. The obtained QoS-related knowledge is stored in the knowledge repository, where it can serve as historical knowledge for further knowledge learning using intelligent algorithms. The decision on the QoS policy is made based on the newly obtained knowledge and the historical knowledge from the knowledge repository. To provision the selected QoS policy in the practical QKD-ON, the action information is produced by the knowledge engine and sent to the basic control functions in the SDN controller. The QKD-ON nodes are then configured through the SBI with the parameters that the action information provides. Different actions can be implemented by adjusting the configuration of elements in the different QKD-ON layers. Table 2 shows examples of actions and the considered parameters in QKD-ONs. If the network-level DE is needed, several local DEs collaborate to construct the network-level DE operation. Finally, the response indicating whether the QKD-ON service request has been successfully carried is communicated from the SDN controller to the cryptographic applications.


Table 1. Examples of knowledge and the considered parameters in QKD-ONs


Table 2. Examples of actions and the considered parameters in QKD-ONs

4.2 Cross-layer collaborative strategy

To implement the network-level DE for autonomic QoS assurance in QKD-ONs, the cross-layer collaborative QoS assurance (CLC-QA) strategy is proposed. Cross-layer collaborative QoS assurance means realizing the objective of autonomic end-to-end QoS assurance by having the local DEs specific to the different QKD-ON layers collaborate in a cross-layer way. Figure 4 gives the procedure of the CLC-QA strategy in QKD-ONs. During the process, the cross-layer collaboration is embodied in the observation, analysis, decision and action phases by jointly considering the different layers (i.e. the quantum layer, optical layer, key management layer, and control and management layer). The cross-layer observation of the QKD-ON functional elements and the local knowledge formed by the local DEs are started and reported to the network-level DE. In more detail, in the observation phase the network-level DE observes QoS data from the control and management layer DE such as the QoS provisioning success ratio, QoS data from the key management layer DE such as the available key number and key life cycle in KMs, QoS data from the quantum layer DE such as the quantum bit error rate (QBER) and secure key rate, and QoS data from the optical layer DE such as the signal-to-noise ratio.


Fig. 4. Procedure of cross-layer collaborative QoS assurance (CLC-QA) strategy in QKD-ONs


Based on the observed QoS data and knowledge specific to different layers, the cross-layer knowledge will be formed in the network-level DE with the consideration of the relationships between layers. Examples of cross-layer knowledge and the considered parameters are shown in Table 1. They can include QoS provisioning status, QoS protection status, QoS planning status, QoS optimization status and so on, which are derived based on the parameters such as secure key rate in quantum layer, available key numbers in key management layer and success ratio in control and management layer. If such cross-layer knowledge does not exist in the knowledge repository, the updated knowledge will be newly stored in the repository for further decisions. Then the QoS-related knowledge is exchanged between the local DEs (specific to different layers) and the knowledge repository for the initial local decision, in a specific layer. After the local decisions are reported to the network-level DEs, the cross-layer QoS policy decisions are made based on the QoS analysis report and the translated QoS end-to-end objective. The decided cross-layer QoS policy can involve the joint consideration of the wavelength allocation, key formatting and key relay re-routing. In the action phase, the action information is sent for specific local DEs. The QKD-ON nodes are configured using basic control functions of the SDN controller, and the cross-layer configuration results are returned to the network-level DE. After the DE operation, the autonomic end-to-end QoS assurance result with SUCCESS or FAILURE is sent to the basic control functions.

A concrete example of implementing the cross-layer collaborative strategy is autonomic QoS protection. As stated in the ITU-T Y.3815 recommendation, protection for key provisioning in a QKD-ON aims to provide additional QKD modules/QKD links/key-relay routes for stable key supply, such as the allocation of backup resources before a failure occurs [37]. The protection path is calculated and configured between the source and destination nodes for the arriving service request to assure the QoS. In this example, the quantum layer DE, key management layer DE and control and management layer DE are needed to construct the network-level QoS protection. The operations for the protection path in the three layers are collaboratively decided by considering the key-relay paths in the control and management layer, the key resource status in the key management layer, and the key generation rate in the quantum layer. In this case, the cross-layer knowledge is assumed to be that a key generation rate and a remaining key number below their thresholds require adjustment of the key formats and protection paths. If the observed QoS data shows that the thresholds are violated, the original key updating period can be extended, the key formats on the protection path can be adjusted, and the protection path can be re-calculated. After obtaining the cross-layer decision and action information, the protection path for the service is configured to realize the autonomic QoS protection in QKD-ONs.

5. Experimental testbed and results

5.1 Experimental testbed

To evaluate the proposed architecture and procedures, the experimental testbed of the SDN-based QKD-ONs supporting autonomic end-to-end QoS assurance is set up as shown in Fig. 5. It is assumed that there is a QKD-ON operator in the testbed to implement the service layer, which can send cryptographic application requests with the QoS-related requirements to the SDN controller. For the control and management layer, the SDN controller with the knowledge engine is built on the ONOS platform to realize the autonomic QoS assurance control loop. The NBI between the service layer with cryptographic applications and the SDN controller is implemented using the WebSocket protocol. The SBI between the SDN controller and the network nodes uses the NetConf protocol to provide both control (e.g., device configuration) and management (e.g., accessing device information) functionalities in the QKD-ON. The NetConf protocol is based on XML and can exploit the YANG data model to describe the network elements to be controlled/managed. NetConf messages are transmitted over TCP.


Fig. 5. SDN-based QKD-ON setup


In the testbed, five NetConf-enabled nodes are interconnected in a mesh topology to constitute the QKD-ON. Docker is a platform that allows developers to easily create, deploy, and run applications in containers; therefore, we implement the QKD-ON nodes as Docker containers with the YANG data model, running on a PC with an Intel Core i7-13700KF CPU @3.40GHz and 32-GB memory. The Docker containers are configured to form the QKD-ON nodes according to typical QKD-ON parameters and characteristics. QKD keys are generated between two nodes at ∼10 Kbps and stored in KMs for key formatting and supply [38]. It is assumed that the QKD links and QKD modules work normally without faults. The status of the KMs is affected by the key consumption of services, rather than by unexpected faults of the quantum layer. Figure 5 also indicates the unique ID of the installed Docker container for each QKD-ON node, the unique IP of the operator for cryptographic applications and the unique IP of the SDN controller. The Wireshark network protocol analyzer is applied in the testbed to capture and analyze the WebSocket messages over the NBI between the SDN controller and the network operator, and the NetConf messages over the SBI between the SDN controller and the QKD-ON nodes.

5.2 Experimental results

The experimental results of the autonomic end-to-end QoS assurance in the QKD-ON for an example end-to-end service are shown in Figs. 6–8. Figure 6 shows the WebSocket-based message capture of the service start and service end. The example service requires secure communication with protection. It runs from source node 2 to destination node 5 with a key requirement of 10 key units, and its lifetime is around one hour. Protection here means protection of the key supply while establishing the secure communication, where the keys over the protection path are allocated to the service as redundant resources to avoid unexpected failures. It needs the collaboration of the key management layer to determine the key amount and the control and management layer to determine the protection path at the network level. In this example, the Advanced Encryption Standard (AES) encryption algorithm is assumed to be used, and the keys allocated to the service need to be updated at intervals considering the security requirement. In Fig. 6(a), we can see that when the service starts, the SDN controller initially calculates and sets the protection path for the service while allocating the full required keys. Frame No. 2461 is the QKD-ON operator sending the service information to the SDN controller, and frame No. 2472 indicates that the initial QoS assurance operation is successfully completed after 226 ms. At the initial QoS assurance, the selected protection path is 2-5, labelled protection path A in Fig. 5. During the lifetime of the service, the SDN controller operates the autonomic network-level DE to realize the end-to-end QoS assurance. Figure 6(b) shows that when the service ends, the result of the autonomic QoS assurance is returned by the SDN controller.

Fig. 6. WebSocket-based message capture of (a) service start; (b) service end.

Fig. 7. NetConf-based message capture of the first autonomic adjustment for protection.

Fig. 8. NetConf-based message capture of the second autonomic adjustment for protection.

During the lifetime of the service, the resource status in the QKD-ON changes dynamically. To ensure the network performance and QoS, autonomic QoS protection is realized for the example service. Figures 7–8 illustrate the NetConf-based message captures of the first and second autonomic adjustment for protection, where the protection path and the keys allocated for protection can be adjusted to realize different levels of QoS protection. After the SDN controller obtains the QoS-related information from the service start request, the QoS data observation is performed at 5-minute intervals until the service ends. To facilitate the analysis of the resource status and the selection of the QoS protection policy, the available keys in the key management layer over the initial protection path 2-5 are observed through the NetConf protocol, which is carried over TCP. The observed data is then analyzed to detect any unavailable key status and to form the current knowledge of the key status. In this testbed, the QoS protection policy has two levels: high-level protection, where the full required keys are allocated for protection, and basic-level protection, where half of the required keys are allocated for protection, in both cases using the AES encryption algorithm. Figure 7 shows the first autonomic adjustment for protection, which downgrades high-level protection to basic-level protection by re-configuring the keys allocated for protection over the existing protection path. At the fifth observation and analysis, the SDN controller finds that the available keys over link 2-5 (8 keys in this example) are not enough for high-level QoS protection but are enough for basic-level QoS protection. The first autonomic adjustment is therefore triggered, and the controller decides to reduce the keys allocated for protection so as to assure the basic protection ability. The autonomic actions over link 2-5 are made by the SDN controller through the SBI: the SDN controller gets the available key pairs over link 2-5 between Node 2 and Node 5, sets the keys allocated for protection over link 2-5 to half of the required keys (5 keys in this example), and configures the data volume that each of the allocated 5 keys may encrypt with the AES algorithm.

After the first autonomic adjustment, the autonomic observation and analysis continue at the regular interval. Figure 8 shows the second autonomic adjustment for protection, which upgrades basic-level protection back to high-level protection by re-configuring a new protection path. It is triggered after the tenth observation and analysis, when the SDN controller finds that the available keys over the current protection path 2-5 (4 keys in this example) cannot guarantee even basic-level protection. The SDN controller then decides to find another available protection path and act on it. The path 2-3-5, labelled protection path B in Fig. 5, is found to realize high-level protection. The actions in this case are that the SDN controller re-calculates the protection path 2-3-5, on which enough keys are available (15 keys in this example), sets the keys allocated for protection over links 2-3 and 3-5 to the full required keys (10 keys in this example), and configures the data volume that each of the allocated 10 keys may encrypt with the AES algorithm. The NetConf messages are exchanged between the SDN controller and nodes 2, 3, and 5, as shown in Fig. 8. After the configuration is finished, the 11th and 12th observation operations are performed over links 2-3 and 3-5. Thus the end-to-end QoS assurance is realized during the lifetime of the service.
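
The two adjustments above are produced by one decision rule applied at every observation. As an added example (not the testbed's code), the following Python model replays that loop over constructed key observations: a five-node partial mesh with assumed key counts per link, the example service 2→5 with 10 key units, the two policy levels, and, generalizing beyond the captured run, the case in which no path can carry even basic-level protection. The action names and the data-volume-per-key computation are illustrative assumptions, not the testbed's YANG model; the numbers reproduce the worked example (8 and then 4 keys left on 2-5, 15 keys on 2-3 and 3-5) but are not measurements.

```python
from collections import deque

HIGH = "high"    # high-level protection: the full required keys are allocated
BASIC = "basic"  # basic-level protection: half of the required keys are allocated

# Constructed 5-node partial mesh with available key units per undirected link.
# Chosen to reproduce the worked example in the text; not testbed measurements.
LINKS = {(2, 5): 12, (2, 3): 15, (3, 5): 15, (2, 4): 9, (4, 5): 15,
         (1, 2): 15, (1, 3): 15, (3, 4): 15}

# Constructed service: source 2, destination 5, 10 key units required, plus an
# assumed data volume used only to derive the AES data-volume-per-key setting.
SERVICE = {"src": 2, "dst": 5, "keys": 10, "data_bytes": 10 * 2**20}


def link(a, b):
    """Canonical id of an undirected link."""
    return (min(a, b), max(a, b))


def path_links(path):
    return [link(u, v) for u, v in zip(path, path[1:])]


def adjacency_of(links):
    adj = {}
    for a, b in links:
        adj.setdefault(a, []).append(b)
        adj.setdefault(b, []).append(a)
    return adj


def min_available(path, keys):
    """Keys usable end-to-end over a key-relay path = its bottleneck link."""
    return min(keys[l] for l in path_links(path))


def find_protection_path(src, dst, need, adjacency, keys):
    """Fewest-hop path (BFS) on which every link has at least `need` keys."""
    queue, seen = deque([[src]]), {src}
    while queue:
        path = queue.popleft()
        if path[-1] == dst:
            return path
        for nxt in adjacency[path[-1]]:
            if nxt not in seen and keys[link(path[-1], nxt)] >= need:
                seen.add(nxt)
                queue.append(path + [nxt])
    return None


def plan_actions(service, path, alloc, keys):
    """SBI actions per link, mirroring the three steps described in the text:
    read available key pairs, set keys allocated for protection, set the data
    volume each allocated key may encrypt. Action names are illustrative."""
    actions = []
    for l in path_links(path):
        actions.append(("get-available-keys", l, keys[l]))
        actions.append(("set-protection-keys", l, alloc))
        actions.append(("set-aes-volume-per-key", l, service["data_bytes"] // alloc))
    return actions


def decide(service, state, adjacency, keys):
    """One observe/analyse/decide pass. state = {"path": [...], "level": HIGH|BASIC}.
    Returns the target level/path and the actions needed (empty if nothing changes)."""
    full, half = service["keys"], service["keys"] // 2
    src, dst = service["src"], service["dst"]
    avail = min_available(state["path"], keys)
    if avail >= full:                       # current path still sustains high level
        level, path = HIGH, state["path"]
    elif avail >= half:                     # degrade to basic level on the same path
        level, path = BASIC, state["path"]
    else:                                   # not even basic level: re-route protection
        level, path = HIGH, find_protection_path(src, dst, full, adjacency, keys)
        if path is None:                    # no path for high level: settle for basic
            level, path = BASIC, find_protection_path(src, dst, half, adjacency, keys)
        if path is None:                    # failure mode: protection cannot be assured
            return {"level": None, "path": None,
                    "actions": [("alarm", "no protection path with enough keys")]}
    if (level, path) == (state["level"], state["path"]):
        return {"level": level, "path": path, "actions": []}
    alloc = full if level == HIGH else half
    return {"level": level, "path": path, "actions": plan_actions(service, path, alloc, keys)}


def run_loop(service, initial_state, adjacency, snapshots):
    """Replay periodic key observations (one per 5-minute interval in the testbed)
    and return the adjustments made as (observation no., level, path, actions)."""
    state, adjustments = dict(initial_state), []
    for n, keys in enumerate(snapshots, 1):
        d = decide(service, state, adjacency, keys)
        if d["actions"]:
            adjustments.append((n, d["level"], d["path"], d["actions"]))
            if d["level"] is not None:
                state = {"path": d["path"], "level": d["level"]}
    return adjustments


def example_snapshots():
    """Constructed observations: keys on 2-5 drop to 8 from the 5th observation
    and to 4 at the 10th, as in the captured experiment."""
    snaps = []
    for n in range(1, 11):
        keys = dict(LINKS)
        if n >= 5:
            keys[(2, 5)] = 8
        if n >= 10:
            keys[(2, 5)] = 4
        snaps.append(keys)
    return snaps


if __name__ == "__main__":
    adj = adjacency_of(LINKS)
    start = {"path": [2, 5], "level": HIGH}
    for n, level, path, actions in run_loop(SERVICE, start, adj, example_snapshots()):
        print(f"observation {n}: {level}-level protection over {'-'.join(map(str, path))}")
        for a in actions:
            print("   ", a)
```

Replaying the constructed snapshots yields exactly the two adjustments of the experiment: at the 5th observation the allocation on 2-5 drops to 5 keys (basic level), and at the 10th the protection moves to 2-3-5 with 10 keys (high level). The alarm branch is what a controller should raise when no candidate path has enough keys; silently keeping a path whose key pool is exhausted would leave the service nominally "protected" with no keys behind it.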

Table 3 summarizes the control latency of the autonomic end-to-end QoS assurance procedures in QKD-ONs for the service, derived from the time stamps of the message captures in Figs. 7 and 8. The overall latency is the sum of the time needed for observation, analysis, decision, and action in one control loop. The observation and configuration latency is determined by the network message exchange time, and the analysis and decision latency by the software computation time. The overall latency of the first and second autonomic adjustment is at the millisecond level, 337 ms and 618 ms respectively. For the first (second) autonomic adjustment, the observation and decision latency is 84 ms (188 ms) and the configuration latency is 253 ms (430 ms), so configuration is clearly the dominant part of the overall latency. The latency of the first autonomic adjustment is smaller than that of the second because the second adjustment moves the protection path from a one-hop path to a two-hop path: there are more nodes along the new protection path, and more time is needed to exchange messages between the SDN controller and the nodes along the path. The overall latency grows with the number of nodes along a path, since each message exchange incurs its own latency.

Table 3. Control latency of the autonomic end-to-end QoS assurance procedures in QKD-ONs

We also evaluate the network-level QoS performance of the CLC-QA strategy for autonomic protection under heavy traffic load. The CLC-QA strategy is compared with the non-cross-layer-collaborative QoS assurance (non-CLC-QA) strategy, which only tries its best to find a protection path without adjusting the key allocation according to the resource status. The metrics are the protection success ratio and the average key consumption. The protection success ratio is the number of successfully protected services over the number of successfully carried services; the average key consumption is the number of keys consumed along the protection paths over the number of successfully protected services. The results for the protection success ratio and the average key consumption under different traffic loads are shown in Figs. 9–10. 10^5 QKD-ON service requests are randomly generated between any pair of QKD-ON nodes following a Poisson process. The key generation rate per link is set to 10 key units per second. The key requirements are randomly generated in the range [1,4] key units in Fig. 9(a) and Fig. 10(a), and in the range [1,8] key units in Fig. 9(b) and Fig. 10(b).

Fig. 9. Protection success ratio results versus traffic loads when key requirements are in the range of (a) [1,4] key units; (b) [1,8] key units.

Fig. 10. Average key consumption results versus traffic loads when key requirements are in the range of (a) [1,4] key units; (b) [1,8] key units.

In Fig. 9, the protection success ratio of the CLC-QA strategy is higher than that of the non-CLC-QA strategy: 0.8% and 4.2% higher than the baseline at 130 Erlang and 180 Erlang in Fig. 9(a), respectively. This is because the CLC-QA strategy decides the protection path with the ability to adjust the key allocation, jointly considering the resource status and the QoS requirements. As the traffic load becomes heavier, the advantage of the CLC-QA strategy in protection success ratio becomes more pronounced. Comparing Fig. 9(a) and Fig. 9(b), the gain of the CLC-QA strategy over the baseline also grows when the key requirements of the arriving services become larger: the CLC-QA strategy has a 4.4% (22.5%) higher protection success ratio than the non-CLC-QA strategy at 80 Erlang (130 Erlang) in Fig. 9(b). The reason is that heavier traffic load and larger key requirements both cause a key resource shortage, which causes more services to fail to be protected. In this case, the CLC-QA strategy reduces the keys allocated for the protection of a particular service and dedicates those keys to protecting several other services. This balancing of key resources by the CLC-QA strategy does mean that some services receive fewer protection keys than they requested; the higher success ratio is bought at the price of a lower quality of protection for those services.

In Fig. 10, the average key consumption of services decreases as the traffic load increases, because under heavier load more keys have already been consumed by services and the key-relay protection paths that can still be found have fewer hops. The CLC-QA strategy also has a lower average key consumption than the non-CLC-QA strategy: 0.9% and 4.9% (4.5% and 5.7%) lower than the baseline at 130 Erlang and 180 Erlang in Fig. 10(a) (at 80 Erlang and 130 Erlang in Fig. 10(b)), respectively. This is because the CLC-QA strategy adapts to the network resource status and makes protection decisions from a cross-layer collaborative perspective, adjusting the key allocation and key-relay routes to assure the end-to-end QoS autonomically: when the overall key resources are scarce, fewer keys are allocated for the protection of services. Comparing Fig. 10(a) and Fig. 10(b), the key-consumption advantage of the CLC-QA strategy is larger when the key requirements are larger, because a wider range of key requirements leaves more room to adjust the key allocation for protection.
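
The difference between the two strategies, and both metrics, can be seen on a small deterministic batch. As an added example (not the paper's simulator), the following Python snippet applies the non-CLC-QA and CLC-QA rules to a constructed batch of five protection requests over three candidate protection paths and computes the protection success ratio and average key consumption as defined above; it also counts how many services were downgraded to basic-level protection, which is the cost noted in the discussion of Fig. 9. The key pools, requests and candidate paths are assumptions, and the code assumes every request is successfully carried (its working path exists), so the success-ratio denominator is the batch size.

```python
# Constructed key pools per undirected link (key units) and a batch of five
# protection requests, all from node 2 to node 5, with pre-computed candidate
# protection paths. None of these numbers come from the paper's simulation.
LINKS = {(2, 5): 12, (2, 3): 8, (3, 5): 8, (2, 4): 3, (4, 5): 3}
CANDIDATES = [[2, 5], [2, 3, 5], [2, 4, 5]]
REQUESTS = [{"id": 1, "keys": 8}, {"id": 2, "keys": 6}, {"id": 3, "keys": 4},
            {"id": 4, "keys": 6}, {"id": 5, "keys": 4}]


def path_links(path):
    return [(min(u, v), max(u, v)) for u, v in zip(path, path[1:])]


def min_available(path, keys):
    """Keys usable end-to-end over a key-relay path = its bottleneck link."""
    return min(keys[l] for l in path_links(path))


def protect(request, candidates, keys, cross_layer):
    """Reserve protection keys for one request.
    non-CLC-QA (cross_layer=False): some candidate path must carry the full
    key requirement, otherwise the service stays unprotected.
    CLC-QA (cross_layer=True): when no path carries the full requirement,
    fall back to basic-level protection with half of the keys.
    Returns (path, allocated keys) or None; keys are reserved on success."""
    need = request["keys"]
    levels = [need, need // 2] if cross_layer else [need]
    for alloc in levels:
        for path in candidates:
            if min_available(path, keys) >= alloc:
                for l in path_links(path):
                    keys[l] -= alloc
                return path, alloc
    return None


def evaluate(requests, links, cross_layer):
    """Protection success ratio and average key consumption as defined in the
    text. Assumption: every request's working path is set up, so the number
    of successfully carried services equals len(requests)."""
    keys = dict(links)                       # private copy of the key pools
    protected = basic = consumed = 0
    for req in requests:
        result = protect(req, CANDIDATES, keys, cross_layer)
        if result is None:
            continue
        path, alloc = result
        protected += 1
        consumed += alloc * (len(path) - 1)  # keys are consumed on every link of the path
        if alloc < req["keys"]:
            basic += 1                       # downgraded to basic-level protection
    return {"success_ratio": protected / len(requests),
            "avg_key_consumption": consumed / protected if protected else 0.0,
            "basic_level_services": basic}


if __name__ == "__main__":
    for name, flag in (("non-CLC-QA", False), ("CLC-QA", True)):
        print(name, evaluate(REQUESTS, LINKS, flag))
```

On this batch the baseline protects 3 of 5 services at 8.0 keys per protected service, while CLC-QA protects all 5 at 6.8 keys per protected service, with 2 of them downgraded to basic level. That is the same trade-off the figures show at scale: the ratio rises and the per-service consumption falls because the last requests are accepted with half of their keys, so an operator should track the basic-level count alongside the success ratio rather than read the ratio alone as a quality measure.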

6. Conclusion

In this paper, autonomic abilities are enabled in QKD-secured optical networks (QKD-ONs) based on software-defined-networking (SDN) control technologies. We consider an autonomic control loop (i.e., a decision-making element) involving observation, analysis, decision, and action, which can be applied in QKD-ONs to enhance the efficiency and flexibility of QKD-ON operations. The architecture of SDN-based QKD-ONs supporting autonomic end-to-end QoS assurance is presented. Based on this architecture, the cross-layer collaborative QoS assurance (CLC-QA) strategy is proposed for implementing network-level autonomic end-to-end QoS assurance in QKD-ONs. An experimental testbed for the autonomic SDN-based QKD-ON is set up, and the experimental results show the efficiency of the proposed solution. Moreover, under different traffic loads the CLC-QA strategy achieves a higher protection success ratio and a lower key consumption than the non-cross-layer-collaborative QoS assurance (non-CLC-QA) strategy. For future work, on the one hand, more parameters such as different key rates and channel quality will be considered while implementing the autonomic control loop in the experimental testbed for performance improvement; on the other hand, more use cases and an enhanced intelligent control loop implementation for autonomic QoS assurance will be demonstrated in the SDN-based QKD-ON framework.

Funding

National Natural Science Foundation of China (62350001, U22B2026); Innovation Program for Quantum Science and Technology (2021ZD0300701); Funds for Creative Research Groups of China (62021005); Fundamental Research Funds for the Central Universities (2023PY08).

Acknowledgments

The authors thank National Natural Science Foundation of China project (62350001, U22B2026), Innovation Program for Quantum Science and Technology (2021ZD0300701), Funds for Creative Research Groups of China (62021005), and the Fundamental Research Funds for the Central Universities (2023PY08) for supporting this work.

Disclosures

The authors declare no conflicts of interest.

Data availability

Data underlying the results presented in this paper are not publicly available at this time but may be obtained from the authors upon reasonable request.

References

1. M. Furdek, C. Natalino, A. Di Giglio, et al., “Optical network security management: requirements, architecture, and efficient machine learning models for detection of evolving threats [Invited],” J. Opt. Commun. Netw. 13(2), A144–A155 (2021).

2. P. Sharma, A. Agrawal, V. Bhatia, et al., “Quantum Key Distribution Secured Optical Networks: A Survey,” IEEE Open J. Commun. Soc. 2, 2049–2083 (2021).

3. M. Travagnin and A. M. Lewis, “Quantum Key Distribution in-field implementations: technology assessment of QKD deployments,” 2019 European Commission report, EUR 29865 EN (2019).

4. Y. Chen, Q. Zhang, T.-Y. Chen, et al., “An integrated space-to-ground quantum communication network over 4,600 kilometres,” Nature 589(7841), 214–219 (2021).

5. Z. Tang, P. Zhang, W. O. Krawec, et al., “Programmable Quantum Networked Microgrids,” IEEE Trans. Quantum Eng. 1, 1–13 (2020).

6. M. Stanley, Y. Gui, D. Unnikrishnan, et al., “Recent Progress in Quantum Key Distribution Network Deployments and Standards,” J. Phys.: Conf. Ser. 2416(1), 012001 (2022).

7. Y. Cao, Y. Zhao, C. Colman-Meixner, et al., “Key on demand (KoD) for software-defined optical networks secured by quantum key distribution (QKD),” Opt. Express 25(22), 26453–26467 (2017).

8. Y. Cao, Y. Zhao, J. Wang, et al., “SDQaaS: software defined networking for quantum key distribution as a service,” Opt. Express 27(5), 6892–6909 (2019).

9. Y. Cao, Y. Zhao, J. Wang, et al., “KaaS: Key as a Service over Quantum Key Distribution Integrated Optical Networks,” IEEE Commun. Mag. 57(5), 152–159 (2019).

10. X. Yu, X. Liu, Y. Liu, et al., “Multi-path-based quasi-real-time key provisioning in quantum-key-distribution enabled optical networks (QKD-ON),” Opt. Express 29(14), 21225–21239 (2021).

11. X. Yu, Y. Liu, X. Zou, et al., “Secret-Key Provisioning With Collaborative Routing in Partially-Trusted-Relay-based Quantum-Key-Distribution-Secured Optical Networks,” J. Lightwave Technol. 40(12), 3530–3545 (2022).

12. Q. Zhu, X. Yu, Y. Zhao, et al., “Resource Allocation in Quantum-Key-Distribution-Secured Datacenter Networks With Cloud–Edge Collaboration,” IEEE Internet Things J. 10(12), 10916–10932 (2023).

13. Recommendation ITU-T Y.3806, “Quantum key distribution networks - Requirements for QoS assurance,” (ITU-T, 2021). https://www.itu.int/rec/T-REC-Y.3806-202109-I.

14. Recommendation ITU-T Y.3807, “Quantum Key Distribution networks - QoS parameters,” (ITU-T, 2022). https://www.itu.int/rec/T-REC-Y.3807-202202-I/en.

15. Recommendation ITU-T Y.3811, “Quantum key distribution networks – Functional architecture for quality of service assurance,” (ITU-T, 2022). https://www.itu.int/rec/T-REC-Y.3811-202209-I/en.

16. M. Mehic, P. Fazio, S. Rass, et al., “A Novel Approach to Quality-of-Service Provisioning in Trusted Relay Quantum Key Distribution Networks,” IEEE/ACM Trans. Networking 28(1), 168–181 (2020).

17. M. Park, K. Lee, K. Seol, et al., “Quality of Service Evaluation over a 496 km Quantum Key Distribution Network,” in Proceedings of 2022 International Conference on Software, Telecommunications and Computer Networks (SoftCOM), Split, Croatia, 2022.

18. Recommendation ITU-T Y.3819, “Quantum key distribution networks - requirements and architectural model for autonomic management and control,” (ITU-T, 2023). https://www.itu.int/itu-t/workprog/wp_item.aspx?isn=18659.

19. L. Fallon, J. Keeney, and R. K. Verma, “Autonomic Closed Control Loops for Management, an idea whose time has come?” in Proceedings of 2019 15th International Conference on Network and Service Management (CNSM), Halifax, NS, Canada, 2019.

20. ETSI White Paper no. 16, “The Generic Autonomic Networking Architecture Reference Model for Autonomic Networking, Cognitive Networking and Self-Management of Networks and Services,” (ETSI, 2016). http://www.etsi.org/images/files/ETSIWhitePapers/etsi_wp16_gana_Ed1_20161011.pdf.

21. I. de Miguel, R. J. Durán, R. M. Lorenzo, et al., “Cognitive Dynamic Optical Networks,” in Proceedings of Optical Fiber Communication Conference/National Fiber Optic Engineers Conference 2013, OSA Technical Digest, OW1H.1, 2013.

22. C. Kachris, D. Klonidis, A. Francescon, et al., “Experimental Demonstration of a Cognitive Optical Network for Reduction of Restoration Time,” in Proceedings of Optical Fiber Communications Conference and Exhibition (OFC) 2014, OSA Technical Digest, W2A.28, 2014.

23. Recommendation ITU-T Y.3324, “Requirements and architectural framework for autonomic management and control of IMT-2020 networks,” (ITU-T, 2019). https://www.itu.int/rec/T-REC-Y.3324/en.

24. R. S. Tessinari, R. I. Woodward, and A. J. Shields, “Software-Defined Quantum Network Using a QKD-Secured SDN Controller and Encrypted Messages,” in Proceedings of OFC2023, San Diego, CA, USA, 2023.

25. A. Sadasivarao, S. Bardhan, S. Syed, et al., “Optonomic: Architecture for Secure Autonomic Optical Transport Networks,” in Proceedings of IFIP/IEEE Symposium on Integrated Network and Service Management (IM) 2019, Arlington, VA, USA, 2019.

26. Q. Zhou, A. Gray, and S. McLaughlin, “SeaNet – Towards A Knowledge Graph Based Autonomic Management of Software Defined Networks,” arXiv, arXiv:2106.13367, (2022).

27. A. Aguado, E. Hugues-Salas, P. A. Haigh, et al., “Secure NFV Orchestration Over an SDN-Controlled Optical Network With Time-Shared Quantum Key Distribution Resources,” J. Lightwave Technol. 35(8), 1357–1362 (2017).

28. O. Alia, R. S. Tessinari, E. Hugues-Salas, et al., “Dynamic DV-QKD Networking in Trusted-Node-Free Software-Defined Optical Networks,” J. Lightwave Technol. 40(17), 5816–5824 (2022).

29. R. S. Tessinari, E. Arabul, O. Alia, et al., “Demonstration of a Dynamic QKD Network Control Using a QKD-Aware SDN Application Over a Programmable Hardware Encryptor,” in Proceedings of OFC2021, San Francisco, CA, USA, 2021.

30. Y. Cao, Y. Zhao, J. Zhang, et al., “Software-Defined Heterogeneous Quantum Key Distribution Chaining: An Enabler for Multi-Protocol Quantum Networks,” IEEE Commun. Mag. 60(9), 38–44 (2022).

31. Draft Recommendation ITU-T Y.QKDN-qos-auto-rq, “Quantum key distribution networks - Requirements for autonomic quality of service assurance,” (ITU-T, 2023). https://www.itu.int/itu-t/workprog/wp_item.aspx?isn=18806.

32. Q. Zhu, X. Yu, Z. Wang, et al., “Demonstration of Autonomic End-to-End QoS Assurance over SDN-based QKD-Secured Optical Networks,” in Proceedings of 2023 Opto-Electronics and Communications Conference (OECC), Shanghai, China, 2023.

33. Recommendation ITU-T Y.3800, “Overview on quantum key distribution networks,” (ITU-T, 2019). https://www.itu.int/rec/T-REC-Y.3800.

34. S. Ashtari, I. Zhou, M. Abolhasan, et al., “Knowledge-defined networking: Applications, challenges and future work,” Array 14, 100136 (2022).

35. OpenDaylight, https://www.opendaylight.org/.

36. ONOS, https://onosproject.org/.

37. Recommendation ITU-T Y.3815, “Quantum key distribution networks – overview of resilience,” (ITU-T, 2023). https://www.itu.int/rec/T-REC-Y.3815/en.

38. T. Chen, X. Jiang, S.-B. Tang, et al., “Implementation of a 46-node quantum metropolitan area network,” NPJ Quantum Inf. 7(1), 134 (2021).



Figures (10)

Fig. 1. Scope of autonomic end-to-end QoS assurance over QKD-ONs.
Fig. 2. Architecture of SDN-based QKD-ONs supporting autonomic end-to-end QoS assurance.
Fig. 3. General procedure of autonomic end-to-end QoS assurance in QKD-ONs.
Fig. 4. Procedure of cross-layer collaborative QoS assurance (CLC-QA) strategy in QKD-ONs.
Fig. 5. SDN-based QKD-ON setup.
Fig. 6. WebSocket-based message capture of (a) service start; (b) service end.
Fig. 7. NetConf-based message capture of the first autonomic adjustment for protection.
Fig. 8. NetConf-based message capture of the second autonomic adjustment for protection.
Fig. 9. Protection success ratio results versus traffic loads when key requirements are in the range of (a) [1,4] key units; (b) [1,8] key units.
Fig. 10. Average key consumption results versus traffic loads when key requirements are in the range of (a) [1,4] key units; (b) [1,8] key units.

Tables (3)

Table 1. Examples of knowledge and the considered parameters in QKD-ONs
Table 2. Examples of actions and the considered parameters in QKD-ONs
Table 3. Control latency of the autonomic end-to-end QoS assurance procedures in QKD-ONs

© Copyright 2024 | Optica Publishing Group. All rights reserved, including rights for text and data mining and training of artificial technologies or similar technologies.