(A Study on the Control Mechanism for Network Survivability in OVPN over IP/GMPLS over DWDM)

A Study on a Control Mechanism for Network Survivability in DWDM-Based OVPN

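  • 조광현 (Department of Information and Communications Engineering, Pukyong National University) ;
  • 정창현 (Department of Information and Communications Engineering, Pukyong National University) ;
  • 홍경동 (Department of Information and Communications Engineering, Pukyong National University) ;
  • 김성운 (Department of Information and Communications Engineering, Pukyong National University)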
  • Published : 2005.09.01

Abstract

A 'Virtual Private Network (VPN) over Internet' has the benefits of being cost-effective and flexible. However, given the increasing demands for high-bandwidth Internet and for reliable services in a 'VPN over Internet,' an IP/GMPLS over DWDM backbone network is regarded as a very favorable approach for the future 'Optical VPN (OVPN)' due to the benefits of transparency and high data rate. Nevertheless, OVPN still has survivability issues: a temporary fault can lose a large amount of data in seconds, and an unauthorized physical attack can be made on purpose to eavesdrop on the network through physical components. Also, logical attacks can manipulate or stop the operation of GMPLS control messages and menace the network survivability of OVPN. Thus, network survivability in OVPN (i.e. a fault/attack-tolerant recovery mechanism considering physical structure and optical components, and secured transmission of GMPLS control messages) is rising as a critical issue. In this paper, we propose a new path establishment scheme under the shared risk link group (SRLG) constraint for physical network survivability. We also suggest a new logical survivability management mechanism by extending resource reservation protocol-traffic engineering extension (RSVP-TE+) and link management protocol (LMP). Finally, according to the results of our simulation, the proposed algorithms are shown to be more effective from the viewpoint of survivability.

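An "Internet-based VPN (Virtual Private Network)" is efficient in terms of cost and operation. However, the growing demand for wide bandwidth and reliable services has led the IP/GMPLS over DWDM backbone network to be regarded as the most suitable backbone network for the next-generation OVPN (Optical VPN). In an OVPN with a high data transmission rate, however, service disruption caused by a temporary fault/attack on an optical component can cause enormous traffic loss in an instant, and an unauthorized physical attack can allow information to be eavesdropped through physical components. In addition, if the control messages that manage data transmission are altered, or copied and manipulated, the survivability of the network cannot be guaranteed even if data fails during transmission. Therefore, in OVPN the survivability problem (i.e. an optimal recovery mechanism against fault/attack that considers the physical structure and optical components, and secure transmission of GMPLS control messages) is emerging as an important issue. In this paper, to manage fault/attack, we classify optical components and components that share common risk factors, and propose a path establishment scheme that considers SRLG (Shared Risk Link Group) together with a mechanism for providing security for GMPLS's RSVP-TE+ (Reservation Protocol-Traffic Engineering Extension) and LMP (Link Management Protocol), thereby guaranteeing survivability in OVPN. Finally, simulation results demonstrate that the proposed algorithm is more efficient for network survivability.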
