共查询到20条相似文献,搜索用时 0 毫秒
1.
Layer 1 virtual private networks: service concepts, architecture requirements, and related advances in standardization 总被引:3,自引:0,他引:3
This article describes service concepts, service requirements, and high-level network architecture requirements for layer 1 virtual private network service. It takes in consideration progress achieved in standardization, mainly inside ITU-T SG 13, which has been very active in this area. 相似文献
2.
Takeda T. Brungard D. Papadimitriou D. Ould-Brahim H. 《Communications Magazine, IEEE》2005,43(7):60-67
This article describes an emerging service for next-generation networks, layer 1 virtual private networks. L1VPNs allow customers desiring to connect multiple sites to be supported over a single shared layer 1 network. In the article we first describe the transport network's evolution and the shift in expectations of both service providers and customers. We provide an overview of the motivation for L1VPNs and examples of network usage. We follow by reviewing existing GMPLS mechanisms (addressing, discovery, and signaling) for realizing L1VPN functionality and identifying other work areas. 相似文献
3.
Matthew Bauer 《International Journal of Network Management》1995,5(2):95-99
Carriers have positioned their networks and dedicated databases to help deliver a service which looks and feels like leased lines but is, in reality, delivered over the public switched telephone network (PSTN). 相似文献
4.
5.
Scalability implications of virtual private networks 总被引:7,自引:0,他引:7
《Communications Magazine, IEEE》2002,40(5):151-157
This article gives an overview of the most promising technologies for service providers to offer virtual private network services. The focus is on the analysis of the scalability implications of these virtual private network mechanisms on existing service provider backbone networks. Very often, when deploying VPN services, service providers will be confronted with a trade-off between scalability and security. VPNs that require site-to-site interconnectivity without strong (cryptographic) security can be deployed in a scalable way based on the network-based VPN model, as long as the interaction between the customer and provider routing dynamics are controlled. VPNs that require strong (end-to-end) cryptographic security should be deployed according to the CPE-based VPN model, using the available IPsec protocol suite 相似文献
6.
This paper describes VServ, a prototype architecture for a virtual private network (VPN) service, which builds and manages VPNs on demand. It allows each VPN to have guaranteed resources and customized control, and supports a highly dynamic VPN service where creation and modification operations can take place on fast timescales. These features are contingent on the automated establishment and maintenance of VPNs. A design process is described that attempts to satisfy the goals of both customer and VPN service provider (VSP). A pruned topology graph and tailored search algorithm are derived from the characteristics of the desired VPN. Although the searching procedure is theoretically intractable, it is shown that the complexity can be mitigated by a multitude of factors, VServ is built over the Tempest, a network control framework that partitions network resources into VPNs. An IP implementation of the Tempest is presented. Resource revocation is a mechanism that the VSP can use to react to violations of service level agreements-a protocol is described to enable graceful adaptation in the control plane to resource revocation events 相似文献
7.
Jing Wu Michel Savoie Scott Campbell Hanxi Zhang Bill St. Arnaud 《Communications Magazine, IEEE》2006,44(12):86-93
The layer 1 virtual private network (LlVPN) technology supports multiple user networks over a common carrier transport network. Emerging L1VPN services allow: L1VPNs to be built over multiple carrier networks; L1VPNs to lease or trade resources with each other; and users to reconfigure an L1VPN topology, and add or remove bandwidth. The trend is to offer increased flexibility and provide management functions as close to users as possible, while maintaining proper resource access right control. In this article two aspects of the L1VPN service and management architectures are discussed: management of carrier network partitions for L1VPNs, and L1VPN management by users. We present the carrier network partitioning at the network element (NE) and L1VPN levels. As an example, a transaction language one (TL1) proxy is developed to achieve carrier network partitioning at the NE level. The TL1 proxy is implemented without any modifications to the existing NE management system. On top of the TL1 proxy, a Web services (WS)-based L1VPN management tool is implemented. Carriers use the tool to partition resources at the L1VPN level by assigning resources, together with the WS-based management services for the resources, to L1VPNs. L1VPN administrators use the tool to receive resource partitions from multiple carriers and partner L1VPNs. Further resource partitioning or regrouping can be conducted on the received resources, and leasing or trading resources with partner LlVPNs is supported. These services offer a potential business model for a physical network broker. After the L1VPN administrators compose the use scenarios of resources, and make the use scenarios available to the L1VPN end users as WS, the end users reconfigure the L1VPN without intervention from the administrator. The tool accomplishes LlVPN management by users 相似文献
8.
A virtual private network (VPN) is a private data network that uses a nonprivate data network to carry traffic between remote sites. An “Intranet VPN” establishes network layer connectivity between remote Intranet sites by creating an IP overlay network over the nonprivate network, using various tunneling mechanisms. There are two approaches for establishing such tunnels: a “CPE-based approach” and a “network-based approach.” In the first approach, tunnels are established only between the CPE devices, whereas in the second approach tunnels are also established between the routers of the core nonprivate network. In this paper we address the problem of determining a CPE-based and a network-based layout of VPN tunnels while taking into account two factors: the cost of the links over which the VPN tunnels are established and the cost of the core routers that serve as end points for the VPN. We define related graph algorithm problems, analyze their complexity, and present heuristics for solving these problems efficiently 相似文献
9.
10.
Eli Herscovitz 《International Journal of Network Management》1999,9(4):213-220
The Internet is an almost ideal means for information retrieval and exchange. It is cost‐effective, easy to use and easily accessible. However, it can also be susceptible to devious practices such as data tempering, eavesdropping and theft. This paper analyses secure virtual private networks (VPNs) and their use in countering the problems of the Internet. Copyright © 1999 John Wiley & Sons, Ltd. 相似文献
11.
12.
This article discusses recent standardization efforts related to cognitive radio focusing on the work of IEEE Standards Coordinating Committee 41, formerly known as IEEE 1900. Some important tasks to be performed by the CR standardization community also are presented. These tasks will expedite the introduction of CR devices to the market while promoting a fair use of scarce radio resources. Some avenues for using the currently available standards for rapid deployment of CR devices, such as ISO standards, also are discussed. 相似文献
13.
14.
Provider-provisioned virtual private networks are nowadays well-established networking concepts. They are envisaged as an extension of the basic VPN concept to securely network low-capacity nodes in large-scale personal networks, with the help of network providers. This article presents an adaptation of the Internet Key Exchange (IKEv2) protocol to the context of dynamic tunneling in personal networks. It relies on the providers’ infrastructure to build identity-based security associations. Results of a preliminary security analysis are also provided. 相似文献
15.
Kumar A. Rastogi R. Silberschatz A. Yener B. 《Networking, IEEE/ACM Transactions on》2002,10(4):565-578
Virtual private networks (VPNs) provide customers with predictable and secure network connections over a shared network. The recently proposed hose model for VPNs allows for greater flexibility since it permits traffic to and from a hose endpoint to be arbitrarily distributed to other endpoints. We develop novel algorithms for provisioning VPNs in the hose model. We connect VPN endpoints using a tree structure and our algorithms attempt to optimize the total bandwidth reserved on edges of the VPN tree. We show that even for the simple scenario in which network links are assumed to have infinite capacity, the general problem of computing the optimal VPN tree is NP-hard. Fortunately, for the special case when the ingress and egress bandwidths for each VPN endpoint are equal, we can devise an algorithm for computing the optimal tree whose time complexity is O(mn), where m and n are the number of links and nodes in the network, respectively. We present a novel integer programming formulation for the general VPN tree computation problem (that is, when ingress and egress bandwidths of VPN endpoints are arbitrary) and develop an algorithm that is based on the primal-dual method. Our experimental results with synthetic network graphs indicate that the VPN trees constructed by our proposed algorithms dramatically reduce bandwidth requirements (in many instances, by more than a factor of 2) compared to scenarios in which Steiner trees are employed to connect VPN endpoints. 相似文献
16.
N. Nadarajah E. Wong A. Nirmalathas 《Photonics Technology Letters, IEEE》2006,18(3):484-486
An optical layer solution for implementing multiple secure virtual private networks (VPNs) over a passive optical network (PON) using electronic code-division multiple access is proposed. The multiple virtual private networking capability is experimentally demonstrated with 40-Mb/s data multiplexed with a 640-Mb/s electronic code that is unique to each of the VPNs in the PON, and the transmission of the electronically coded data is carried out using Fabry-Pe/spl acute/rot laser diodes. Experimental results show that this technique can potentially support high data rate traffic while imposing minimal penalty resulting from optical beat interference. 相似文献
17.
18.
Ahmad Nahar Quttoum Abdallah Jarray Hadi Otrok Zbigniew Dziong 《Telecommunication Systems》2013,53(4):401-414
In this paper, we consider the problem of optimizing the Internet Service Provider (ISP) profit by providing a periodic Dynamic Partitioning (DP) model for utilizing network resources in the context of Virtual Private Networks (VPN). In literature, Complete Sharing (CS), Complete Partitioning (CP), and Bandwidth Borrowing (BR) techniques have been proposed for resource allocation where the following limitations can be noticed: VPN operators can exaggerate about their required resources, resources might be underutilized, and optimal bandwidth utilization is not guaranteed. To overcome the above limitations, we propose to dynamically partition the resources over different QoS classes through periodic auctions that can reduce the reasoning of exaggeration and maximize the ISP profit. Thus, we formulate our problem based on the Integer Linear Programming (ILP) that allows us to maximize the ISP profit and provides the optimal: (1) set of profitable VPN connections, (2) bandwidth division of each network link among QoS classes, and (3) routing scheme for the accepted demand. Furthermore, the proposed ILP model allows us to study the sensitivity of the ISP profit to a targeted revenue objective. 相似文献
19.
介绍世界两大移动通信标准组织3GPP和3GPP2研究3G技术演进工作的情况,着重说明3G演进的需求和关键技术. 相似文献
20.
Jean-Paul Gaspoz 《电信纪事》1995,50(7-8):667-675
This paper describes the specification of a bandwidth management system for ATM-based virtual private networks (vpn). Such a system allows a vpn customer to dynamically modify the bandwidth allocated to vpn connections. The analysis process focuses on the service management information model and interfaces required to provide that service to the customer. The specification work is performed according to a second generation object-oriented development method called Fusion. The vpn service and management architectures as well as the different actors involved are also described in detail. 相似文献