introduction to ‘quantum security capabilities in 5guk test ......ns _ catalogue deploy /...

1 High Performance Networks Group

Introduction

To

‘Quantum Security Capabilities in 5GUK Test Networks’

Prof. Reza Nejabati

Dr. George Kanelos

Prof. Dimitra Simeonidou


• 5G UK Test Networks


The UK 5G Testbeds and Trials Programme ● The 2016 Autumn Statement included £740m capital funding from July 2017 to 2020-21 across the Local

Full Fibre Networks and 5G Testbeds & Trials Programme

● The 5G Testbeds & Trials Programme is seeking to contribute to the development of a ‘5G ecosystem’ in the UK by supporting both technology trials and deployment pilots to stimulate the development of 5G use cases and business models and, we hope, work towards solving some of society’s biggest challenges

● The 5G Testbeds & Trials Programme intends to:

• Stimulate the UK to become a strong contributor to the 5G sector, with leadership in specific industry verticals

• Help to accelerate 5G deployment in the UK

• Foster a diverse and efficient 5G ecosystem in the UK

https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/652263/DCMS_5G_Prospectus.pdf

https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/652263/DCMS_5G_Prospectus.pdf


5G Testbeds at West of England Region

Six Primary Sites• Smart Internet Lab, University of Bristol• We The Curious, Millennium Square, Bristol• Watershed, Waterfront, Bristol• M-Shed Museum, Harbourside, Bristol • The Pump Rooms, Roman Baths, Bath• Connection to KCL and Digital Catapult, London


5G UK Test Network

Heterogeneous Networking• LTE-A and 5GNR Cellular from Nokia• 26 & 60GHz mmWave mesh networks from CCS• SDN and network slicing from Zeetta• MEC and cloud compute via Openstack• End-to-End orchestration through OSM • Comprehensive network monitoring tools• Slice creation and management for use-cases


5G UK Test Network

Nokia Wi-Fi

Ruckus Wi-Fi

26GHz Mesh Network (CCS)

Nokia 5G NR & Nokia LTE-A Micro-RRH

Edgecore SDN Switch

LiFi visible-spectrum AP

Private 5G Bristol Fibre

5G room

IT room


Control and Virtualization: Focus on Open Source • NFV platform

• Open Source Mano (OSM)• Interrogation with Open stack• OSM monitoring tools deployed and

extended• ML integration with the

orchestration platform

• SDN control framework• NetOS SDN controller • Integration with OSM and physical

layer

• Nokia Controller and NFV• Deploying Cloudband, NetAct


Live Demo: 16 March’19


• National Dark Fibre Facility


Part of National Dark Fibre Facility (NDFF)

NDFF Technology:

SDN-enabled optical switches

Optical Amplifiers

Dispersion Compensation Modules

Optical Transceivers 10Gb/s DWDM

L2 Switches

SDN CONTROLLER

SwitchesTxs/Rxs

Abstracted Resource Pool

Virtualisation LayerAbstraction Layer

Application-Specific Network Slices• NDFF is a facility to support research on future networks• 630 km experimental installed optical fibre network• Software Defined Networking (SDN) Platform for full

programmability of optical networks• Research collaboration between universities


• QKD for 5G


• Dynamically deploy Optical network connectivity for VNF chaining in multiple Data Centers

• Dynamically Mix & Match VNFs from multiple islands

• Use inter-DC optical network for high bandwidth and low latency VNF requirements

• Create secured inter-DC connectivity for VNF chaining using QKD within same fiber as classical traffic

• Highly dynamic secure optical connectivity from multiple access devices to edge and metro DC for 5G Virtual Service

Quantum Security for 5G

VNF1

VNF2

VNF3

5G Network Service = VNF1 + VNF 2 + VNF3


Quantum Security for 5G

5GUKEx

VNF11 VNF12 VNF21 VNF22

Inter-island Optical

Network

Island1VIM SDN

Controller

ComputeResources

Network Resources

ComputeResources

Network Resources

Island2VIMSDN

Controller

Deploy NS

VM11 VM12

Deploy inter-island NS?

Deploy inter-island NS

VM11 VM12 VM21 VM22

QKD QKD

Quantum Secured & Optical Network Aware Multi-Domain NFV Orchestrator

Data Center 2Data Center 1


Multi-layer Network-Aware & Quantum-Aware Multi-domain NFV Orchestrator [World First Dynamically Switched QKD]

VNF 31

VNF 41

WSS

VNF 12...

VNF 1X

Compute Node

Data Encryptor/Decryptor A 1

VOYAGER

Corsa Switch De

Mux

AWG

WSS

BVT4BVT3BVT2BVT1

WSS

WSS

Q1

Island Proxy

ISLAND SDN Controller

Island Orchestrator

5G Island 2

VLAN Trunk

VLAN Trunk

VIM Voyager

PluginOpenFlow

Virtual Network Service (VNS) Composer

Virtual Network Service (VNS) Manager

User

VNS1 Sec (VNF12,VNF21,VNF32)

Security (1)BandwidthLatencyTTLVNF12, VNF21,VNF32

NSD1

Quantum-Aware Inter-Domain Connectivity Manager (QIDCM)

SDN ControllerWSS Plugin Optical Fibre Switch Plugin

Island

_regis

tratio

nNS

_catal

ogue

Deplo

y/Term

inate_

NS

REST API

QKD

Q1

Quantum-Aware Flexi-WDM Routing and Wavelength Assignment

VNS Catalogue

VNF Placement and Island Selection

VNS Lifecycle

5GUK

EX

Q1

WSS

Q2

Q2

Q1

Q2

Q1

WSS

WSS

WSS

Optical Fibre SwitchEDFA

Multiple EDFA

OFS

BYPASS PORT

BYPASS PORTBYPASS PORT

BYPA

SS PO

RT

DROP PORTS

Q CL

DROP PORTS

QCL

DROP PORTS

QCL

DROP PORTS

QCL

q-ROADM

R2 R3 R4R1

VNF 22...

VNF 2X

Compute Node

Data Encryptor/Decryptor A 2

VOYAGER

Corsa Switch De

Mux

AWG

WSS

BVT4BVT3BVT2BVT1

Q2

Island Proxy Island

Orchestrator

VLAN Trunk

VLAN Trunk

VIM

QKD

WSS

R2 R3 R4R1

5G Island 4

VNF 32...

VNF 3X

Compute Node

Data Encryptor/Decryptor

VOYAGER

Corsa Switch

BVT4BVT3BVT2BVT1

Island Proxy


VLAN Trunk

VLAN Trunk

VIMVoyager Plugin

OpenFlow

REST API

R3 R2 R1R4

B1Q1DeM

uxAW

G

QKD

Island Orchestrator

WSS VNF 42

...

VNF 4X

Compute Node

Data Encryptor/Decryptor

VOYAGER

Corsa Switch

BVT4BVT3BVT2BVT1

Island Proxy


VLAN Trunk

VLAN Trunk

VIMVoyager Plugin

OpenFlow

REST API

R3 R2 R1R4

B2Q2DeM

uxAW

G

QKD

Island Orchestrator

Q2

5G Island 3

ISLAND SDN ControllerVoyager Plugin

OpenFlow

REST API

5G Island 1

VNS2 (VNF11,VNF41)

Security (0)BandwidthLatencyTTLVNF11 and VNF41

NSD2

VNF CatalogueNSD Parser

VNF Lifecycle

Local Island NFV Availability DB

Local Island Network Capability DB

Local Island Quantum Security Capability DB

Quantum-Aware Virtual Network Service (VNS) Broker

QKD Control

IDQ Plugin

Bandwidth Variable TransceiverBVTWSSWSS Wavelength Selective Switches

VSGW...

VPGW

VHSS...

...

User Equipment

Antenna

User Equipment

Antenna 5G Base Station

VSGW...

VPGW

Antenna5G

Base Station

User Equipment

VHSS...

...

5G Base Station

User Equipment

Optical FrontHaul

Optical FrontHaul

Optical FrontHaul Optical

FrontHaulAntenna

5G Base Station

Virtualised Mobile Core

& RAN Functions

VEPC

Dashed Components are not implemented

Exte

nded

Data Center 1

Data Center 2 Data Center 3

Data Center 4

IEEE JLT 2019


• Test-bed over view


Test-bed

Natio

nal D

ark Fi

ber

HPN

NSQI

1CS

WTC

Bradley Stoke


Test-bed

Natio

nal D

ark Fi

ber

HPN

NSQI

1CS

WTC

Bradley Stoke

Edge ComputingDynamic qROADMQ-Aware SDN Controller8x200G 16-QAMOptical Switching Alice & Bob


Test-bed

Natio

nal D

ark Fi

ber

HPN

NSQI

1CS

WTC

Bradley Stoke

Cryogenic DetectorQ handheld Optical Switching Alice & Bob


Test-bed

Natio

nal D

ark Fi

ber

HPN

NSQI

1CS

WTC

Bradley Stoke

Metro DCClassical Switching Alice


Test-bed

Natio

nal D

ark Fi

ber

HPN

NSQI

1CS

WTC

Bradley Stoke

Remote/Core DCClassical Switching Alice


Test-bed

Natio

nal D

ark Fi

ber

HPN

NSQI

1CS

WTC

Bradley StokeEdge Computing/DCOptical Switching Alice5G Access


Test-bed

NSQI (Trusted Node)

CL2A1

CL3B

WTC (5G Access)

Encryption Server

CL2A2

1CS (Edge DC)

Encryption Server

CL2B2

Encryption Server

Encryption Server

CL3A

BS (Core DC)

DEMUX

BVT

MUX

BVTHPN (Edge DC)

CL2B1

Encryption Server

OXC

OXCOXC

OXC OXC

DCDC


SDN Control of QKD and Classical

AI-Assisted Quantum and Classical Channel

Path Computation

Quantum Secured Network Function Virtualization (Quantum Secure NFV)

Quantum Key Management

Quantum Aware Software Defined Control Plane

Test-bed

NSQI (Trusted Node)

CL2A1

CL3B

WTC (5G Access)

Encryption Server

CL2A2

1CS (Edge DC)

Encryption Server

CL2B2

Encryption Server

Encryption Server

CL3A

BS (Core DC)

DEMUX

BVT

MUX

BVTHPN (Edge DC)

CL2B1

Encryption Server

OXC

OXCOXC

OXC OXC

DCDC


Test-bed Connectivity Topology and Complexity

HPN

WTC

NSQI

1CS

Bradley Stoke


QKD network implementation on one span of NDFIS

Optical Fiber Switch

Optical Tunable Filter EDFA

Optical Fiber Switch

Optical Tunable Filter EDFA

Clavis 3

Clavis 3


Quantum Mesh Networking Test Network

5GUK testbed

Bristol City and Campus Dark Fibre

NDFF Data Centre

QKD QKD QKD


AI-Assisted Quantum and Classical Channel

Path Computation

Quantum Secured Network Function Virtualization (Quantum Secure NFV)

Quantum Key Management

5G Bristol

NetworkNational Dark Fibre FacilityQKD UNITs

Bristol Campus NetworkWeTheCuriousQKD UNITs

Opt. Switch

WatershedOpt. Switch

QKD UNITs

MVBOpt. Switch

SDM Network

MCFOpt. Switch

HPN

QKD UNITs

Opt. SwitchCampus Site

Opt. Switch

QKD UNITs

Campus Site

10G servers

10G servers

QKD UNIT

Opt. SwitchOpt. Switch

Opt. Switch

QKD UNITs


• Demo 1: Software Defined Multidomain Quantum Secured Network Field Trial

• Demo 2: Fully meshed dynamically switched QKD Metro network

Demo Scenarios


• Demo 1: Software Defined Multidomain Quantum Secured Network Field Trial


Demo 1: Software Defined Multidomain Quantum Secured Network Field Trial

29

GOALS:

• Demonstration of end-t-end Quantum secured channel for edge to metro to remote data centre in the core

• Secured 5G Access connection to remote data center via secured trusted node

• Quantum channel switching for caching of data from remote DC to Edge DC

• Software Define Control plane to control all process and monitor quantum channel



Quantum Key Management / Monitoring (CQP Toolkit)

NSQI (Trusted Node)

CL2A1

CL3B

WTC (5G Access)

Encryption Server

CL2A2

1CS (Edge DC)

Encryption Server

CL2B2

Encryption Server

Encryption Server

CL3A

BS (Core DC)

DEMUX

BVT

MUX

BVTHPN (Edge DC)

CL2B1

Encryption Server

OXC

OXCOXC

OXC OXC

DCDC





NSQI (Trusted Node)

CL2A1

CL3B

WTC (5G Access)

Encryption Server

CL2A2

1CS (Edge DC)

Encryption Server

CL2B2

Encryption Server

Encryption Server

CL3A

BS (Core DC)

DEMUX

BVT

MUX

BVTHPN (Edge DC)

CL2B1

Encryption Server

OXC

OXCOXC

OXC OXC

DCDC



1CS (CL2 ALICE2)1CS/BS DB TRANFERHPN OXC

WTC OXC

SKR=537b/s

Secure Link initiated

Secure Link 2 initiated

NSQI OXC WTC/BS DB TRANFER WTC (CL2 ALICE1)

SKR=760b/s

CL3 BoB in NSQI


Acknowledgements

Mr Anderson Bravalheri

Dr. Emilio Hugues Salas

Dr Rodrigo Stange Tessinari

Dr Djeylan Aktas Mr Richard Collins

High Performance Network Group


Thank You

introduction to ‘quantum security capabilities in 5guk test ......ns _ catalogue deploy /...

Documents