OSA's Digital Library

Journal of Optical Communications and Networking

Journal of Optical Communications and Networking

  • Editors: K. Bergman and V. Chan
  • Vol. 3, Iss. 5 — May. 1, 2011
  • pp: 465–474

Preserving Confidentiality in PCE-based Multi-domain Networks

Francesco Paolucci, Molka Gharbaoui, Alessio Giorgetti, Filippo Cugini, Barbara Martini, Luca Valcarenghi, and Piero Castoldi  »View Author Affiliations


Journal of Optical Communications and Networking, Vol. 3, Issue 5, pp. 465-474 (2011)
http://dx.doi.org/10.1364/JOCN.3.000465


View Full Text Article

Enhanced HTML    Acrobat PDF (360 KB)





Browse Journals / Lookup Meetings

Browse by Journal and Year


   


Lookup Conference Papers

Close Browse Journals / Lookup Meetings

Article Tools

Share
Citations

Abstract

The path computation element (PCE) architecture has been proposed to effectively enable multi-domain traffic engineering (TE) in generalized multiprotocol label switching (GMPLS) networks while providing an adequate level of confidentiality among domains. However, a malicious utilization of the procedures defined within the PCE architecture might affect the confidentiality of network domain information in a multi-domain multi-carrier network scenario. This paper discusses the critical issues of the PCE architecture in terms of confidentiality. A two-step authorization scheme, named the behavior-based PCE authorization policy (BPAP), is proposed. The BPAP includes a novel add-on PCE component and a central authorization policy server to protect against confidentiality breaking. The scheme is based on the PCE protocol (PCEP) client behavior analysis and includes attack pattern detection procedures and possible partial information filtering of the reply message. The applicability of the BPAP scheme is validated in wavelength switched optical networks (WSONs) through simulations focusing on the exchange of a restricted set of available resources. Finally, a BPAP implementation is experimentally evaluated, showing the efficiency of the two-step scheme in terms of scalability, capability to limit the discovery of critical information, and reactivity to confidential attacks.

© 2011 OSA

OCIS Codes
(060.4250) Fiber optics and optical communications : Networks
(060.4258) Fiber optics and optical communications : Networks, network topology

ToC Category:
Research Papers

History
Original Manuscript: December 22, 2010
Revised Manuscript: March 16, 2011
Manuscript Accepted: April 8, 2011
Published: April 29, 2011

Citation
Francesco Paolucci, Molka Gharbaoui, Alessio Giorgetti, Filippo Cugini, Barbara Martini, Luca Valcarenghi, and Piero Castoldi, "Preserving Confidentiality in PCE-based Multi-domain Networks," J. Opt. Commun. Netw. 3, 465-474 (2011)
http://www.opticsinfobase.org/jocn/abstract.cfm?URI=jocn-3-5-465

You do not have subscription access to this journal. Citation lists with outbound citation links are available to subscribers only. You may subscribe either as an OSA member, or as an authorized user of your institution.

Contact your librarian or system administrator
or
Log in to access OSA Member Subscription

You do not have subscription access to this journal. Cited by links are available to subscribers only. You may subscribe either as an OSA member, or as an authorized user of your institution.

Contact your librarian or system administrator
or
Log in to access OSA Member Subscription

You do not have subscription access to this journal. Figure files are available to subscribers only. You may subscribe either as an OSA member, or as an authorized user of your institution.

Contact your librarian or system administrator
or
Log in to access OSA Member Subscription

« Previous Article  |  Next Article »

OSA is a member of CrossRef.

CrossCheck Deposited