End-to-end Quantum Secured Inter-Domain 5G Service Orchestration Over Dynamically Switched Flex-Grid Optical Networks Enabled by a q-ROADM
Dynamic and flexible optical networking enabled by NFV and SDN are the key technology enablers for supporting the dynamicity and bandwidth requirements of emerging 5G network services. To achieve the objective of 5G, Network Services (NSes) must be often deployed transparently over multiple administrative and technological domains. Such case often presents security risks since a typical NS may comprise a chain of network functions, each executed in different remote locations, and tampering within the network infrastructure may compromise their communication. To avoid such threats, QKD has been identified and proposed as a future-proof method immune to any algorithmic cryptanalysis based on quantum-physics mechanisms. The maturity of QKD has enabled the R&D of quantum networks coexisting with optical networks using telecom equipment. This makes the QKD a suitable candidate for the security of distributed and virtualised network services. In this paper, for the first time, we propose a dynamic quantum-secured optical network for supporting network services that are dynamically created by chaining VNF over multiple network domains. This work includes a new quantum-ROADM, extensions to SDN-enabled optical control plane, and extensions to NFV orchestration to achieve quantum-aware, on-demand chaining of VNFs. The experimental results verify the capability of routing quantum and classical data channels both individually and dynamically over shared fibre links. Moreover, quantum secured chaining of VNFs in 5G networks is experimentally demonstrated via interconnecting four autonomous 5G islands simultaneously through the q-ROADM with eight optical channels using the 5GUK Exchange orchestration platform. The experimental scenarios and results confirm the benefit of the proposed data plane architecture and control/management plane framework.