This paper presents an overview of requirements and standards development activities for securing the control and management infrastructure protocols for optical networking protocols used in the Global Information Grid-Bandwidth Expansion (GIG-BE). Our approaches to hardening these protocols are: (1) to develop open standards that encompass the Department of Defense's needs; and (2) to encourage vendors to supply products that support these standards and other appropriate security hnctionality for GIG-BE signaling, routing, discovery and management. At MILCOM 2001, Buda et al. reported on commercial-off-the-shelf security standards being developed for the GIG; they covered Asynchronous Transfer Mode, Multi-Protocol Label Switching, and newly emerging optical networking. We have now completed Control Plane Security and Management Plane Security Implementation Agreements at the Optical Internetworking Forum (OIF), coordinated and aligned these with ATIS-T1M1 and the IETF, and begun efforts to implement and demonstrate these agreements. This paper briefly describes the OIF's work on control plane functionality in optical networks and the security requirements for these control protocols. It then explains why additional security was required for signaling, routing, and discovery; shows what alternatives were considered; and describes the choices made in the OIF's Security Extension for UNI and NNI. Securing an optical switch depends on much more than secure control protocols, so the paper next covers the OIF's Security for Management Interfaces to Transport Network Elements, which describes security objectives and choices for securing Operations, Administration, Maintenance, and Provisioning (OAM&P) interfaces to these network elements.
Proceedings Title: MILCOM 2004 - 2004 IEEE Military Communications Conference
Conference Dates: October 31-November 3, 2004
Conference Location: Monterey, CA
Pub Type: Conferences
GIG, Global Information Grid, network security, OIF, Optical Internetworking Forum, optical networks