Toggle Main Menu Toggle Search

Open Access padlockePrints

Secure NFV Orchestration over an SDN-Controlled Optical Network with Time-Shared Quantum Key Distribution Resources

Lookup NU author(s): Dr Paul HaighORCiD



This is the authors' accepted manuscript of an article that has been published in its final definitive form by IEEE, 2017.

For re-use rights please refer to the publisher's terms and conditions.


© 2017 IEEE. Quantum key distribution (QKD) is a state-of-the-art method of generating cryptographic keys by exchanging single photons. Measurements on the photons are constrained by the laws of quantum mechanics, and it is from this that the keys derive their security. Current public key encryption relies on mathematical problems that cannot be solved efficiently using present-day technologies; however, it is vulnerable to computational advances. In contrast QKD generates truly random keys secured against computational advances and more general attacks when implemented properly. On the other hand, networks are moving towards a process of softwarization with the main objective to reduce cost in both, the deployment and in the network maintenance. This process replaces traditional network functionalities (or even full network instances) typically performed in network devices to be located as software distributed across commodity data centers. Within this context, network function virtualization (NFV) is a new concept in which operations of current proprietary hardware appliances are decoupled and run as software instances. However, the security of NFV still needs to be addressed prior to deployment in the real world. In particular, virtual network function (VNF) distribution across data centers is a risk for network operators, as an eavesdropper could compromise not just virtualized services, but the whole infrastructure. We demonstrate, for the first time, a secure architectural solution for VNF distribution, combining NFV orchestration and QKD technology by scheduling an optical network using SDN. A time-shared approach is designed and presented as a cost-effective solution for practical deployment, showing the performance of different quantum links in a distributed environment.

Publication metadata

Author(s): Aguado A, Hugues-Salas E, Haigh PA, Marhuenda J, Price AB, Sibson P, Kennard JE, Erven C, Rarity JG, Thompson MG, Lord A, Nejabati R, Simeonidou D

Publication type: Article

Publication status: Published

Journal: Journal of Lightwave Technology

Year: 2017

Volume: 35

Issue: 8

Pages: 1357-1362

Print publication date: 15/04/2017

Online publication date: 30/12/2016

Acceptance date: 22/12/2016

Date deposited: 12/03/2019

ISSN (print): 0733-8724

ISSN (electronic): 1558-2213

Publisher: IEEE


DOI: 10.1109/JLT.2016.2646921


Altmetrics provided by Altmetric