Key on demand (KoD) for software-defined optical networks secured by quantum key distribution (QKD)

C. A.O. Yuan, Yongli Zhao*, Carlos Colman-Meixner, Y. U. Xiaosong, Jie Zhang

*Corresponding author for this work

Research output: Contribution to journalArticle (Academic Journal)peer-review

29 Citations (Scopus)

Abstract

Software-defined optical networking (SDON) will become the next generation optical network architecture. However, the optical layer and control layer of SDON are vulnerable to cyberattacks. While, data encryption is an effective method to minimize the negative effects of cyberattacks, secure key interchange is its major challenge which can be addressed by the quantum key distribution (QKD) technique. Hence, in this paper we discuss the integration of QKD with WDM optical networks to secure the SDON architecture by introducing a novel key on demand (KoD) scheme which is enabled by a novel routing, wavelength and key assignment (RWKA) algorithm. The QKD over SDON with KoD model follows two steps to provide security: i) quantum key pools (QKPs) construction for securing the control channels (CChs) and data channels (DChs); ii) the KoD scheme uses RWKA algorithm to allocate and update secret keys for different security requirements. To test our model, we define a security probability index which measures the security gain in CChs and DChs. Simulation results indicate that the security performance of CChs and DChs can be enhanced by provisioning sufficient secret keys in QKPs and performing key-updating considering potential cyberattacks. Also, KoD is beneficial to achieve a positive balance between security requirements and key resource usage.

Original languageEnglish
Pages (from-to)26453-26467
Number of pages15
JournalOptics Express
Volume25
Issue number22
DOIs
Publication statusPublished - 30 Oct 2017

Fingerprint Dive into the research topics of 'Key on demand (KoD) for software-defined optical networks secured by quantum key distribution (QKD)'. Together they form a unique fingerprint.

Cite this