Internet Protocol (IP) communication systems transfer IP packets among user devices and intelligent machines to provide data communication services like internet access, file transfers, media streaming, and user messaging. The IP communication systems are implementing several technologies concurrently to improve service delivery. These technologies include systems for Hardware Root-of-Trust (HRoT), Network Function Virtualization (NFV), and Software-Defined Networks (SDNs).
The HRoT systems ensure network security and control. The HRoT systems maintain physical separation between trusted hardware and untrusted hardware. The HRoT systems control software access to the trusted hardware but allow interaction between open and trusted software components through secure bus interfaces, memories, and switching circuits. The HRoT systems establish HRoT with one another by using secret HRoT keys physically embedded in their hardware to generate hash results for remote verification by other HRoT systems that know the secret HRoT keys and hash algorithms.
The NFV systems increase capacity and efficiency. NFV computer platforms run hypervisor software to execute various software modules during different processing time slices or on different processing cores. The software modules often comprise virtual machines, such as virtual IP routers, network elements, and the like. Different networks are mapped to different NFV cores or time slices to isolate the networks from one another.
The SDN systems improve service provisioning and management. SDNs have separate control and data planes. SDN controllers interact with SDN applications to control SDN data plane machines. The SDN applications process application-layer data to direct the SDN controllers, and in response, the SDN controllers direct the SDN data plane machines to process and transfer IP packets. The SDN applications may comprise gateways, servers, and the like.
Optical Transport Networks (OTNs) use dense wave division multiplexing to transfer IP packets. Different optical wavelengths and fibers may be dedicated to particular networks. Thus, Virtual Private Networks (VPNs) are deployed on the OTNs by using subnetworks of optical fibers and wavelengths. Unfortunately, optical networks that transfer IP packets have not integrated HRoT, NFV, and SDN systems to form more efficient and effective optical communication networks.
Technical Overview
An Internet Protocol/Wave Division Multiplex (IP/WDM) network implements Hardware Root of Trust (HRoT) and Network Function Virtualization (NFV). An NFV server generates and transfers IP control data and WDM control data to IP/WDM machines. The IP/WDM machines exchange IP packets between IP ports and WDM interfaces based on the IP control data. The IP/WDM machines exchange the IP packets between the WDM interfaces and WDM ports based on the WDM control data. The IP/WDM machines transmit and receive the IP packets from the WDM ports using different optical wavelengths. The IP/WDM machines transfer HRoT data indicating the optical wavelengths used to exchange the IP packets and indicating encoded hardware keys physically embedded on the IP/WDM machines. The NFV server receives the HRoT data and processes the encoded hardware keys and the optical wavelengths to validate HRoT status of the IP/WDM machines.
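The validation step described above, sketched as an added example that is not part of the original text. It assumes HMAC-SHA256 as the hash algorithm and a server-issued nonce for freshness, neither of which the text specifies; the function names, machine ID, key and wavelengths are hypothetical, constructed sample values.

```python
import hashlib
import hmac
import secrets

# Constructed provisioning table (hypothetical ID, key and wavelengths):
# what the NFV server knows about each IP/WDM machine.
PROVISIONED = {
    "ipwdm-a": {"key": bytes.fromhex("00112233445566778899aabbccddeeff"),
                "wavelengths_nm": (1550.12, 1550.92)},
}

def _waves(wavelengths_nm):
    # Canonical form so both sides hash and compare identical values.
    return sorted(f"{w:.2f}" for w in wavelengths_nm)

def _digest(key, machine_id, nonce, wavelengths_nm):
    msg = "|".join([machine_id, nonce.hex(), ",".join(_waves(wavelengths_nm))])
    return hmac.new(key, msg.encode(), hashlib.sha256).hexdigest()

def machine_report(machine_id, hw_key, nonce, wavelengths_nm):
    """IP/WDM machine: HRoT data with the key encoded as a keyed hash."""
    return {"machine_id": machine_id,
            "wavelengths_nm": list(wavelengths_nm),
            "encoded_key": _digest(hw_key, machine_id, nonce, wavelengths_nm)}

def validate_hrot(report, nonce, provisioned=PROVISIONED):
    """NFV server: check the encoded key, then the wavelengths in use."""
    entry = provisioned.get(report["machine_id"])
    if entry is None:
        return False, "unknown machine"
    expected = _digest(entry["key"], report["machine_id"], nonce,
                       report["wavelengths_nm"])
    # Constant-time comparison; binds the report to this nonce and key.
    if not hmac.compare_digest(expected, report["encoded_key"]):
        return False, "hash mismatch"
    if _waves(report["wavelengths_nm"]) != _waves(entry["wavelengths_nm"]):
        return False, "unexpected wavelength"
    return True, "trusted"

if __name__ == "__main__":
    nonce = secrets.token_bytes(16)  # fresh challenge from the NFV server
    key = PROVISIONED["ipwdm-a"]["key"]
    print(validate_hrot(machine_report("ipwdm-a", key, nonce, (1550.12, 1550.92)), nonce))
    print(validate_hrot(machine_report("ipwdm-a", key, nonce, (1550.12, 1551.72)), nonce))
```

Because the wavelengths are inside the hashed message, a report whose wavelength list is altered in transit fails the hash check, while a correctly keyed machine transmitting on a wavelength outside its assignment fails the second check.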