CN112769550A - Load balancing quantum key resource distribution system facing data center - Google Patents

Load balancing quantum key resource distribution system facing data center Download PDF

Info

Publication number
CN112769550A
CN112769550A CN202011601313.4A CN202011601313A CN112769550A CN 112769550 A CN112769550 A CN 112769550A CN 202011601313 A CN202011601313 A CN 202011601313A CN 112769550 A CN112769550 A CN 112769550A
Authority
CN
China
Prior art keywords
quantum key
service
link
data center
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011601313.4A
Other languages
Chinese (zh)
Other versions
CN112769550B (en
Inventor
揭水平
陈伯文
吴水清
符小东
马宗仰
房洪莲
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhongtian Communication Technology Co ltd
Jiangsu Zhongtian Technology Co Ltd
Zhongtian Broadband Technology Co Ltd
Original Assignee
Zhongtian Communication Technology Co ltd
Jiangsu Zhongtian Technology Co Ltd
Zhongtian Broadband Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhongtian Communication Technology Co ltd, Jiangsu Zhongtian Technology Co Ltd, Zhongtian Broadband Technology Co Ltd filed Critical Zhongtian Communication Technology Co ltd
Priority to CN202011601313.4A priority Critical patent/CN112769550B/en
Publication of CN112769550A publication Critical patent/CN112769550A/en
Application granted granted Critical
Publication of CN112769550B publication Critical patent/CN112769550B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852Quantum cryptography
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04BTRANSMISSION
    • H04B10/00Transmission systems employing electromagnetic waves other than radio-waves, e.g. infrared, visible or ultraviolet light, or employing corpuscular radiation, e.g. quantum communication
    • H04B10/70Photonic quantum communication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/12Shortest path evaluation
    • H04L45/124Shortest path evaluation using a combination of metrics
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/12Avoiding congestion; Recovering from congestion
    • H04L47/125Avoiding congestion; Recovering from congestion by balancing the load, e.g. traffic engineering

Abstract

The invention discloses a quantum key resource distribution system for load balancing of a data center, which comprises a network initialization module; a connection request generation module; the quantum key pool setting module is used for initializing the state of the quantum key pool; the working path calculation module is used for calculating K candidate paths from the source node to the destination node and selecting the optimal path as the working path; the time slot resource allocation module is used for calculating the consumption rate of the service quantum key and allocating corresponding number of time slots; the computing resource allocation module is used for allocating computing resources of the data center for each service; the link updating module updates the state of the link when the weight value of the link changes; and the service load module records the number of the services borne by each link and sorts the services from small to large in sequence. The invention combines the quantum key pool with the data center, reasonably distributes quantum key resources, reduces the service blocking rate and improves the utilization rate of the quantum key resources.

Description

Load balancing quantum key resource distribution system facing data center
Technical Field
The invention relates to a resource distribution system, in particular to a quantum key resource distribution system for load balancing of a data center, and belongs to the field of optical communication.
Background
With the continuous development of optical networks, optical networks gradually become larger in capacity, more intelligent and more widely applied, and information transmission becomes more and more convenient. In the internet era, digital services and applications in the fields of electronic payment, face recognition, fingerprint passwords and the like are rapidly developed, and higher requirements are put forward on security and confidentiality. In Data centers (Data centers), Data Center networking has recently attracted attention with the development of media delivery, big Data, and cloud services. Substantially all processing and computing of internet traffic and applications is performed at the data center. The data center serves as core equipment of network cooperation and provides information storage and calculation functions for internet services, and the data center network is an important carrier for realizing a basic platform of big data application and a cloud computing technology. In the aspect of data security, both symmetric key encryption and asymmetric key encryption have been developed to ensure confidentiality of network sensitive data transmission. However, most cryptographic systems with key encryption have security based on the algorithmic complexity of a mathematical function. With the continuous development of big data and computer hardware technology and the appearance of quantum computers, these complex cryptosystems become easily breakable, which makes the fiber transmission network more and more attacked and the optical network more and more intercepted and intercepted. The quantum key distribution technology based on quantum unclonable theorem and Heisebauer uncertainty theorem can encrypt the messages exchanged between two endpoints through the randomly generated shared secure quantum key, thereby greatly improving the security of data service transmission. QKD enables secure key distribution by encoding classical binary digits on the quantum state of light into qubits, which makes the encryption process physically impossible to break by eavesdropping means.
In most current QKD networks, the key rate of the quantum key can only reach 1-2 Mbit/s in 50km optical fiber links, so that the quantum key resources are necessary to be reasonably and effectively distributed. However, when the two communication parties perform key agreement, the two communication parties and the quantum link can not serve other businesses any more. At this time, if a new service comes and a quantum key resource needs to be allocated, a new quantum channel is needed, which greatly increases the economic cost of the whole system. Therefore, Quantum Key Pool (QKP) technology is proposed to store the excess quantum key resource generated in a link into the quantum key pool to solve the management and cost problems of quantum keys. When the business with safety requirement needs quantum key resources, the quantum key can be taken out from the quantum key pool, so that the problem of quantum key resource allocation of the business needing encryption in the whole network can be reasonably and comprehensively solved. The problem of resource waste caused by excessive quantum key output can be solved, more services can be safely encrypted, and the safety of the whole transmission process is ensured. The construction of the quantum key pool is shown in fig. 2. The generated quantum keys are stored in a Key Store (KSs) that coexists with the QKD nodes, managed by QKP. QKP monitors the remaining quantum keys in real time and provides keys between node a and node B.
In the current Quantum Key Distribution (QKD) optical network, quantum signals propagated through a Quantum Signal Channel (QSCH) are weak and are easily interfered by damages such as scattering and loss, so that the key rate is limited, and the transmission distance of the quantum signals is also very limited because the existing repeater technology is still immature. The scheme can improve the utilization rate of quantum key resources by dividing QSCH into small time slot resources by using a time division multiplexing (OTDM) technology, wherein each time slot comprises the time for channel estimation and calibration, quantum bit transmission and exchange, measurement reference comparison, error correction, privacy amplification and authentication, however, the number of quantum keys is not considered in the aspect of quantum key resources, which can cause the excessive consumption of the quantum key resources, thereby influencing the business with safety requirements and being incapable of being allocated to the quantum keys for encryption. Since the specific wavelength of quantum key transmission is expensive, it is very important how to improve the utilization rate of quantum key resources. For example, the choice of path has a significant impact on the use of quantum key resources and on the network characteristics. The existing quantum key routing distribution algorithm has a single routing index, only selects a route by taking the distance between links as a weight, does not consider the quantum key residual resource between each link and the number of services loaded on the links, and is similar to the traditional Dijkstra algorithm, so that the quantum key resource distribution of the links is unreasonable, the service blocking rate is continuously increased, and the service transmission safety is seriously influenced.
Disclosure of Invention
The technical problem to be solved by the invention is to provide a data center-oriented load balancing quantum key resource distribution system, which reduces the service blocking rate and improves the quantum key utilization rate.
In order to solve the technical problems, the technical scheme adopted by the invention is as follows:
a quantum key resource distribution system for data center-oriented load balancing is characterized in that: comprises
The network initialization module is used for configuring a network topology structure and various parameters in the optical network facing the data center;
the connection request generation module generates connection requests according to the uniform distribution of the source nodes and the destination nodes;
the quantum key pool setting module is used for initializing the state of the quantum key pool;
the working path calculation module calculates K candidate paths from the source node to the destination node by using a K shortest path algorithm, and finally selects the optimal path as the working path;
the time slot resource allocation module is used for calculating the consumption rate of the business quantum key and allocating corresponding number of time slots according to a first hit algorithm;
the computing resource allocation module is used for allocating computing resources of the data center for each service;
the link updating module updates the state of the link when the weight value of the link changes;
and the service load module records the number of the services borne by each link in the K shortest paths selected by the services, and sorts the services in sequence from small to large according to the number.
Further, the network initialization module works in the following process
The method comprises the steps of setting a data center-oriented optical network configuration network topology structure, a data center-oriented optical network link state, the number of network optical switching nodes, the number of optical fiber links, the quantum key generation rate of each link, quantum key allowance and minimum consumption threshold, and the number of data centers required by the whole network.
Further, the operation process of the connection request generation module is
Generating a service request using R (s, d, q, t, CO)s,COd) A representation, which represents a service request from a source node s to a destination node d; wherein q is the quantum key number required by the service, t is the update time of the quantum key, and COs、COdRespectively representing the computing resource requirements on the data center connected with the source node s and the sink node; the arrival of the service satisfies the Poisson distribution of lambda, and the time interval satisfies the negative exponential distribution of mu; and setting the quantum key quantity and the quantum key updating time required by each service, and calculating the quantum key consumption rate vk of the service as q/t.
Further, the working process of the quantum key pool setting module is
Initializing quantum key pool states in a data center oriented optical network GkN in (N, L, V, K, D) is a set of nodes, L is a set of directed links, and V ═ V1,v2,v3,. is the set of settings for each link quantum key generation rate into the optical network to the data center, K ═ K1,k2,k3,. is the set of quantum key margins in each link quantum key pool in a data center oriented optical network, D ═ D1,d2,d3,. is the set of data center settings connected to nodes in a data center oriented optical network.
Further, the working process of the working path calculation module is
Establishing a working path of the service according to the relative relation between the link quantum key generation rate and the total service consumption rate and the residual working time of the quantum key pool as a weight; preferentially selecting a link with the link quantum key generation rate larger than the total service consumption rate, wherein the quantum key pool is in a net growth state; selecting hop numbers as a secondary priority, wherein the fewer the hop numbers are, the fewer the number of nodes passed by is, the less the consumed quantum key is, and if the hop numbers are consistent, selecting a route according to the relative load numbers of the two links; preferentially selecting a link with less service load, and enabling the link to enter a negative growth state later; if the generation rate of the link quantum key is less than the total service consumption rate, the priority of the route selection is determined according to the reciprocal of the remaining working time of the quantum key pool, namely 1/T ═ v-vk)/k1If the value is larger, the key pool is indicated to finish service later; and if the request is successful in establishing the path, executing a fifth step, otherwise, blocking the service request.
Further, the working process of the time slot resource allocation module is
When v < vkThen, the quantum key is in a negative growth state, and resources in the quantum key pool are needed; firstly, time slot resources are divided according to the key output rate of a quantum key pool, namely, the quantum key resource amount corresponding to each time slot, and because one time slot can only serve one service, the time slot number needs to be as large as possible, so that the quantum key resources cannot be greatly wasted.
Further, the working process of the computing resource allocation module is
Determining the number of required time slots according to the quantum key consumption rate required by the service, and determining the position of time slot allocation in a quantum key pool according to a first hit algorithm; secondly, a service R (s, d, q, t, CO)s,COd) CO ins(COd) Less than the computing resources CO of the data center on the s (d) node.
Further, the working process of the traffic load module is
If v > vkIf the quantum key pool does not reach the capacity, the number k of the increased quantum keys is calculated according to the business of the linkincrease=(v-vk)*(t2-t1) Wherein, t2The arrival time of the next service of the service; if v < vkIf the quantum key pool is not less than the threshold value M, then the reduced quantum key number k is calculated according to the service of the linkdecrease=(vk-v)*(t2-t1) Wherein, t2The arrival time of the next service of the service;
if v > vkIs set to 0 if v < vkIs set as (v-v)k)/k1And the number of the service requests occupied by each link is recorded, the requests are arranged from small to large in number, the priority with small service number is higher, and at the moment, the quantum key pool on the link can enter a negative growth state relatively late, so that the service blocking rate is effectively reduced.
Compared with the prior art, the invention has the following advantages and effects: the quantum key resource distribution system facing the load balance of the data center introduces the concept of link load balance aiming at the problems of excessive use and exhaustion of quantum key resources caused by unreasonable distribution of the quantum key resources, and combines the data center and the quantum key pool technology. Based on the data center, quantum key resources are uniformly scheduled, computing resources are distributed, and intelligent management and planning of service requests are realized. In the process of transmitting data by a service request, a path is established for the service with safety requirement according to the relative relation between the quantum key generation rate and the total consumption rate, the remaining service time of a quantum key pool and the load proportion in a link, compared with the traditional path establishment method with the shortest distance as a weight value through the shortest paths of K, the path establishment method has the advantages that the service cannot be completely concentrated on the shortest link, the blocking rate is greatly reduced, the path establishment standard is further determined through a load balancing method, the blocking rate can be reduced, the quantum key pool can enter a negative growth state later, the consumption of the quantum key is reduced, and the cost is greatly saved. The problem of low quantum key utilization rate in the current quantum key distribution data center-oriented optical network is solved, and the service quality and the safety of the service request in the transmission process are ensured.
Drawings
Fig. 1 is a schematic diagram of a quantum key resource distribution system for data center oriented load balancing according to the present invention.
Fig. 2 is a schematic diagram of the establishment of a prior art quantum key ruler.
Fig. 3 is a schematic diagram of a situation that a service requests resource allocation according to an embodiment of the present invention.
Detailed Description
To elaborate on technical solutions adopted by the present invention to achieve predetermined technical objects, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, it is obvious that the described embodiments are only partial embodiments of the present invention, not all embodiments, and technical means or technical features in the embodiments of the present invention may be replaced without creative efforts, and the present invention will be described in detail below with reference to the drawings and in conjunction with the embodiments.
The invention mainly aims at the problem of unreasonable quantum key distribution in a data center-oriented optical network and provides a data center-oriented load balancing quantum key resource distribution system. Based on the data center, the quantum key resources are managed in a centralized manner, and flexible and effective network allocation is realized. And for each link, setting a quantum key pool for storing quantum key resources, determining the weight of the link according to the remaining working time of the quantum key pool, recording the service load number of the link, and setting a lowest consumption threshold and a highest storage threshold for each quantum key pool. For each connection service request, calculating the quantum key consumption rate of the service according to the update time of the service requirement and the required quantum key resource, and selecting a path in the network topology according to the service load of a link and the remaining working time of a quantum key pool, thereby solving the problems of excessive consumption and uneven distribution of the quantum key resource in the data center-oriented optical network.
As shown in fig. 1, the quantum key resource allocation system for data center oriented load balancing of the present invention is characterized in that: comprises
The network initialization module is used for configuring a network topology structure in the data center-oriented optical network, link states in the data center-oriented optical network, the number of network optical switching nodes, the number of optical fiber links, the quantum key generation rate of each link and the number of data centers required by the whole network.
And the connection request generation module is used for generating connection requests according to the uniform distribution of the source nodes and the destination nodes, configuring the number of the connection requests and the source nodes and the destination nodes with different connection requests, determining the quantity of quantum keys and the quantum key updating time required by the service, and corresponding to the computing resource requirements of the source and destination nodes.
The quantum key pool setting module is used for initializing the state of the quantum key pool; setting a quantum key pool initial value of each link and a maximum capacity threshold value of each quantum key pool, and defining the quantum key resource quantity contained in each time slice in the quantum key pool, wherein the numerical value is as small as possible in order to ensure resource utilization as possible.
And the working path calculation module is used for calculating K candidate paths from the source node to the destination node by using K shortest path algorithms according to the source node and the destination node of the connection request and the residual working time of the quantum key pool as a weight value and considering the service load of each link, and finally selecting the optimal path as the working path.
And the time slot resource allocation module is used for searching the time slot resources meeting the conditions in the quantum key pool of the working path and ensuring that the allocated time slot resources can meet the conditions of continuity and consistency. And calculating the service quantum key consumption rate according to the service updating time and the number of the required quantum keys, and allocating corresponding number of time slots according to a first hit algorithm, wherein the required computing resource amount of the source and destination nodes meets the condition that the computing resource amount is less than that of the node data center.
Each data center has a limited amount of computing resources, each service has a certain computing resource demand, and when the computing resource capacity of one data center is overloaded, blocking occurs.
And the link updating module is used for updating the state of the link continuously at the moment when the relative relation between the generation rate and the consumption rate of the quantum key of the link is changed and the weight of the link is different when a service arrives or leaves in each link, so that the subsequent service can be accurately selected.
The service load module records the number of services borne by each link in K shortest paths selected by the services, and sorts the services in sequence from small to large according to the number, and the priority with smaller service number is higher.
Wherein, the network initialization module works in the following process
The method comprises the steps of setting a data center-oriented optical network configuration network topology structure, a data center-oriented optical network link state, the number of network optical switching nodes, the number of optical fiber links, the quantum key generation rate of each link, quantum key allowance and minimum consumption threshold, and the number of data centers required by the whole network.
The connection request generation module works in the following process
Generating a service request using R (s, d, q, t, CO)s,COd) Is shown, itRepresents a service request from a source node s to a destination node d; wherein q is the quantum key number required by the service, t is the update time of the quantum key, and COs、COdRespectively representing the computing resource requirements on the data center connected with the source node s and the sink node; the arrival of the service satisfies the Poisson distribution of lambda, and the time interval satisfies the negative exponential distribution of mu; setting the quantum key quantity and the quantum key updating time required by each service, and calculating the quantum key consumption rate v of the servicek=q/t。
The working process of the quantum key pool setting module is
Initializing quantum key pool states in a data center oriented optical network GkN in (N, L, V, K, D) is a set of nodes, L is a set of directed links, and V ═ V1,v2,v3,. is a set of settings for each link quantum key generation rate in a data center oriented optical network, K ═ K1,k2,k3,. is the set of quantum key margins in each link quantum key pool in a data center oriented optical network, D ═ D1,d2,d3,. is the set of data center settings connected to nodes in a data center oriented optical network.
The working process of the working path calculation module is
Establishing a working path of the service according to the relative relation between the link quantum key generation rate and the total service consumption rate and the residual working time of the quantum key pool as a weight; preferentially selecting a link with the link quantum key generation rate larger than the total service consumption rate, wherein the quantum key pool is in a net growth state; selecting hop numbers as a secondary priority, wherein the fewer the hop numbers are, the fewer the number of nodes passed by is, the less the consumed quantum key is, and if the hop numbers are consistent, selecting a route according to the relative load numbers of the two links; preferentially selecting a link with less service load, and enabling the link to enter a negative growth state later; if the generation rate of the link quantum key is less than the total service consumption rate, the priority of the route selection is determined according to the reciprocal of the remaining working time of the quantum key pool, namely 1/T ═ v-vk)/k1The product isThe larger the value is, the later service ending of the key pool is indicated; and if the request is successful in establishing the path, executing a fifth step, otherwise, blocking the service request.
The working process of the time slot resource allocation module is
When v < vkThen, the quantum key is in a negative growth state, and resources in the quantum key pool are needed; firstly, time slot resources are divided according to the key output rate of a quantum key pool, namely, the quantum key resource amount corresponding to each time slot, and because one time slot can only serve one service, the time slot number needs to be as large as possible, so that the quantum key resources cannot be greatly wasted.
The working process of the computing resource allocation module is
Determining the number of required time slots according to the quantum key consumption rate required by the service, and determining the position of time slot allocation in a quantum key pool according to a first hit algorithm; secondly, a service R (s, d, q, t, CO)s,COd) CO ins(COd) Less than the computing resources CO of the data center on the s (d) node.
The service load module works in the following process
If v > vkIf the quantum key pool does not reach the capacity, the number k of the increased quantum keys is calculated according to the business of the linkincrease=(v-vk)*(t2-t1) Wherein, t2The arrival time of the next service of the service; if v < vkIf the quantum key pool is not less than the threshold value M, then the reduced quantum key number k is calculated according to the service of the linkdecrease=(vk-v)*(t2-t1) Wherein, t2The arrival time of the next service of the service;
if v > vkIs set to 0 if v < vkIs set as (v-v)k)/k1And recording the number of the service requests occupied by each link, wherein the number of the service requests is arranged from small to large, the priority with smaller service number is higher, and the priority is higherThe quantum key pool on the link can relatively enter a negative growth state later, and the service blocking rate is effectively reduced.
The following describes the workflow of the quantum key resource allocation system for data center oriented load balancing according to a specific embodiment. The specific principle is as follows:
1. and (5) initializing the network. As shown in fig. 3, it is a network topology structure diagram composed of 5 nodes and 6 links. Each optical fiber link is bidirectional, the quantum key generation rate of each link is uniformly generated between 300Kb/s and 600Kb/s, the maximum capacity of each quantum key capable of storing the quantum key is 50Mb, the minimum consumption threshold is 2Mb, and each data center has 100 units of computing resources.
2. And generating a service request. Establishing a service request R1(1,5,40,2,3)、R2(1,5,50,5,4). The service requests are from a source node 1 to a destination node 5, the arrival time of the first service request is 1s, the ending time is 11s, 40Kb quantum key resources are needed, the quantum key updating time is 2s, the consumption rate is 20Kb/s, and the needed computing resources are 3 units; the arrival time of the second service request is 2s, the end time is 12s, 50Kb quantum key resources are needed, the quantum key updating time is 5s, the consumption rate is 10Kb/s, and 4 unit computing resources are needed.
3. And initializing the link weight. The quantum key generation rate of 1-2-5 is 400Kb/s, the quantum key generation rate of 1-3-5 is 300Kb/s, and the quantum key generation rate of 1-4-5 is 410 Kb/s. Since the links 1-2-5 and 1-4-5 do not reach the generation rate less than the consumption rate, the weight is 0, and the number of the traffic loads is 0, the routing is preferentially performed, while the traffic loads on the links 1-3-5 are excessive, so that the generation rate is greater than the consumption rate, and the weight of the link is the reciprocal of the service time of the quantum key pool (1.2 multiplied by 10)-3The link 1-3-5 consumes 60Kb/s per service and the service interval is 5 s).
4. And establishing a working path. For the first service request R1(1,6,1,11,40,2), selecting one from the source node 1 to the destination node 5 by using K shortest path algorithm according to the weight calculated in the step 3The shortest path, the traffic R, because the quantum key generation rate of the 1-4-5 link is larger than that of the 1-2-5 link and is later relative to entering the negative growth state1The links 1-4-5 are preferably selected. For the second service request R2(1,5,2,12,50,5), distributing the service R in the links 1-4-5 by using K shortest path algorithms from the source node 1 to the destination node 5 according to the service load balancing principle1For balancing quantum key resources, service R21-2-5 is selected as its working path.
5. And allocating working time slot resources and computing resources. For service request R1And R2And the quantum key consumption rate of the link where the link is located is smaller than the quantum key generation rate, resources in a quantum key pool are not needed at the moment, the two links are divided into 300 and 410 time slots respectively, and the time slot resources are distributed in the links. Service request R according to first hit algorithm1And R2Respectively, 20 and 10 time slot resources are needed, and the first 20 and 10 time slots of the link time slot arrangement are allocated to R in turn1And R2. Since the remaining computing resources of both selected paths are 100 units, the service request R1And R2The required computing resources can be allocated.
6. And updating the quantum key pool resources. Because the quantum key generation rate on the links 1-4-5 and 1-2-5 is greater than the quantum key consumption rate, the quantum key pool resources are not consumed, and the quantum key pool resources are unchanged in amount. For links 1-3-5, where the quantum key consumption rate of 360Kb/s is already greater than the quantum key generation rate of 300Kb/s, 300Kb of resources in the quantum key pool is consumed.
7. And updating the link weight. For links 1-4-5 and 1-2-5, the quantum key generation rate is greater than the quantum key consumption rate, the link weight is updated to 0, and the traffic load of the link is updated to 1. For the links 1-3-5, the quantum key generation rate is less than the quantum key consumption rate, the link weight is updated to 0.2, and the traffic load of the link is updated to 6.
8. Establishing working path, updating link and quantum key pool state, and allocating corresponding working time slot resource and service request R1(1,5,40,2,3)、R2(1,5,50,5,4) the establishment was successful.
The quantum key resource distribution system facing the load balance of the data center introduces the concept of link load balance aiming at the problems of excessive use and exhaustion of quantum key resources caused by unreasonable distribution of the quantum key resources, and combines the data center and the quantum key pool technology. Based on the data center, quantum key resources are uniformly scheduled, computing resources are distributed, and intelligent management and planning of service requests are realized. In the process of transmitting data by a service request, a path is established for the service with safety requirement according to the relative relation between the quantum key generation rate and the total consumption rate, the remaining service time of a quantum key pool and the load proportion in a link, compared with the traditional path establishment method with the shortest distance as a weight value through the shortest paths of K, the path establishment method has the advantages that the service cannot be completely concentrated on the shortest link, the blocking rate is greatly reduced, the path establishment standard is further determined through a load balancing method, the blocking rate can be reduced, the quantum key pool can enter a negative growth state later, the consumption of the quantum key is reduced, and the cost is greatly saved. The problem of low quantum key utilization rate in the current quantum key distribution data center-oriented optical network is solved, and the service quality and the safety of the service request in the transmission process are ensured.
Although the present invention has been described with reference to a preferred embodiment, it should be understood that various changes, substitutions and alterations can be made herein without departing from the spirit and scope of the invention as defined by the appended claims.

Claims (8)

1. A quantum key resource distribution system for data center-oriented load balancing is characterized in that: comprises
The network initialization module is used for configuring a network topology structure and various parameters in the optical network facing the data center;
the connection request generation module generates connection requests according to the uniform distribution of the source nodes and the destination nodes;
the quantum key pool setting module is used for initializing the state of the quantum key pool;
the working path calculation module calculates K candidate paths from the source node to the destination node by using a K shortest path algorithm, and finally selects the optimal path as the working path;
the time slot resource allocation module is used for calculating the consumption rate of the business quantum key and allocating corresponding number of time slots according to a first hit algorithm;
the computing resource allocation module is used for allocating computing resources of the data center for each service;
the link updating module updates the state of the link when the weight value of the link changes;
and the service load module records the number of the services borne by each link in the K shortest paths selected by the services, and sorts the services in sequence from small to large according to the number.
2. The data center-oriented load-balanced quantum key resource distribution system of claim 1, wherein: the working process of the network initialization module is
The method comprises the steps of setting a data center-oriented optical network configuration network topology structure, a data center-oriented optical network link state, the number of network optical switching nodes, the number of optical fiber links, the quantum key generation rate of each link, quantum key allowance and minimum consumption threshold, and the number of data centers required by the whole network.
3. The data center-oriented load-balanced quantum key resource distribution system of claim 1, wherein: the working process of the connection request generation module is
Generating a service request using R (s, d, q, t, CO)s,COd) A representation, which represents a service request from a source node s to a destination node d; wherein q is the quantum key number required by the service, t is the update time of the quantum key, and COs、COdRespectively representing the computing resource requirements on the data center connected with the source node s and the sink node; the arrival of the service satisfies the Poisson distribution of lambda, and the time interval satisfies the negative exponential distribution of mu; setting the quantum key quantity and the quantum key updating time required by each service, and calculating the quantum key consumption rate v of the servicek=q/t。
4. The data center-oriented load-balanced quantum key resource distribution system of claim 1, wherein: the working process of the quantum key pool setting module is to initialize the state of the quantum key pool in the data center-oriented optical network GkN in (N, L, V, K, D) is a set of nodes, L is a set of directed links, and V ═ V1,v2,v3… is a set of settings for the quantum key generation rate per link in a data center oriented optical network, K ═ K { (K)1,k2,k3… is the set of quantum key residuals in each link quantum key pool in a data center oriented optical network, D ═ D1,d2,d3… is a set of settings of a data center connected to a node in a data center oriented optical network.
5. The data center-oriented load-balanced quantum key resource distribution system of claim 1, wherein: the working process of the working path calculation module is
Establishing a working path of the service according to the relative relation between the link quantum key generation rate and the total service consumption rate and the residual working time of the quantum key pool as a weight; preferentially selecting a link with the link quantum key generation rate larger than the total service consumption rate, wherein the quantum key pool is in a net growth state; selecting the hop number as the secondary priority, wherein the lower the hop number is, the lower the number of nodes passed by is, the less the consumed quantum key is, if the hop numbers are consistent, the relative ratio of the two links is determined according to the conditionSelecting the route according to the load number; preferentially selecting a link with less service load, and enabling the link to enter a negative growth state later; if the generation rate of the link quantum key is less than the total service consumption rate, the priority of the route selection is determined according to the reciprocal of the remaining working time of the quantum key pool, namely 1/T ═ v-vk)/k1If the value is larger, the key pool is indicated to finish service later; and if the request is successful in establishing the path, executing a fifth step, otherwise, blocking the service request.
6. The data center-oriented load-balanced quantum key resource distribution system of claim 1, wherein: the working process of the time slot resource allocation module is
When v is<vkThen, the quantum key is in a negative growth state, and resources in the quantum key pool are needed; firstly, time slot resources are divided according to the key output rate of a quantum key pool, namely, the quantum key resource amount corresponding to each time slot, and because one time slot can only serve one service, the time slot number needs to be as large as possible, so that the quantum key resources cannot be greatly wasted.
7. The data center-oriented load-balanced quantum key resource distribution system of claim 1, wherein: the working process of the computing resource allocation module is
Determining the number of required time slots according to the quantum key consumption rate required by the service, and determining the position of time slot allocation in a quantum key pool according to a first hit algorithm; secondly, a service R (s, d, q, t, CO)s,COd) CO ins(COd) Less than the computing resources CO of the data center on the s (d) node.
8. The data center-oriented load-balanced quantum key resource distribution system of claim 1, wherein: the working process of the service load module is
If v is>vkIf the quantum key pool does not reach the capacity, the quantum key is in a net growth stateAnd calculating the increased quantum key number k according to the service of the linkincrease=(v-vk)*(t2-t1) Wherein, t2The arrival time of the next service of the service; if v is<vkIf the quantum key pool is not less than the threshold value M, then the reduced quantum key number k is calculated according to the service of the linkdecrease=(vk-v)*(t2-t1) Wherein, t2The arrival time of the next service of the service;
if v is>vkIs set to 0 if v<vkIs set as (v-v)k)/k1And the number of the service requests occupied by each link is recorded, the requests are arranged from small to large in number, the priority with small service number is higher, and at the moment, the quantum key pool on the link can enter a negative growth state relatively late, so that the service blocking rate is effectively reduced.
CN202011601313.4A 2020-12-29 2020-12-29 Load balancing quantum key resource distribution system facing data center Active CN112769550B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011601313.4A CN112769550B (en) 2020-12-29 2020-12-29 Load balancing quantum key resource distribution system facing data center

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011601313.4A CN112769550B (en) 2020-12-29 2020-12-29 Load balancing quantum key resource distribution system facing data center

Publications (2)

Publication Number Publication Date
CN112769550A true CN112769550A (en) 2021-05-07
CN112769550B CN112769550B (en) 2022-10-21

Family

ID=75697181

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011601313.4A Active CN112769550B (en) 2020-12-29 2020-12-29 Load balancing quantum key resource distribution system facing data center

Country Status (1)

Country Link
CN (1) CN112769550B (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114006694A (en) * 2021-09-26 2022-02-01 北京邮电大学 Quantum key processing method and device, electronic equipment and storage medium
CN114448521A (en) * 2022-02-22 2022-05-06 中国海洋大学 Wide-area noise quantum network communication method and system based on OSPF (open shortest Path first) and quantum CSS (cascading style sheets) codes
CN114499842A (en) * 2021-12-31 2022-05-13 华南师范大学 QKD network key resource pre-allocation method based on reinforcement learning
WO2023108714A1 (en) * 2021-12-13 2023-06-22 苏州大学 Resource allocation method and system in quantum key distribution optical network
CN117176345A (en) * 2023-10-31 2023-12-05 中电信量子科技有限公司 Quantum cryptography network key relay dynamic routing method, device and system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106961327A (en) * 2017-02-27 2017-07-18 北京邮电大学 Key management system and method based on quantum key pond
CN107508671A (en) * 2017-08-18 2017-12-22 北京邮电大学 Service communication method and device based on quantum key distribution
CN110149204A (en) * 2019-05-09 2019-08-20 北京邮电大学 The key resource allocation methods and system of QKD network
CN111711517A (en) * 2020-07-23 2020-09-25 苏州大学 Quantum key distribution protection method and system based on service security level

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106961327A (en) * 2017-02-27 2017-07-18 北京邮电大学 Key management system and method based on quantum key pond
CN107508671A (en) * 2017-08-18 2017-12-22 北京邮电大学 Service communication method and device based on quantum key distribution
CN110149204A (en) * 2019-05-09 2019-08-20 北京邮电大学 The key resource allocation methods and system of QKD network
CN111711517A (en) * 2020-07-23 2020-09-25 苏州大学 Quantum key distribution protection method and system based on service security level

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
徐雅斌等: "《量子密钥分发网络的多路径密钥传输方法研究》", 《电子科技大学学报》 *
陈伯文: "《频谱灵活光网络的保护恢复机制研究》", 《中国博士学位论文全文数据库 信息科技辑》 *
陈伯文等: "《频谱灵活光网络的故障概率与光纤链路负载均衡联合优化方法》", 《通信学报》 *

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114006694A (en) * 2021-09-26 2022-02-01 北京邮电大学 Quantum key processing method and device, electronic equipment and storage medium
CN114006694B (en) * 2021-09-26 2023-09-22 北京邮电大学 Quantum key processing method and device, electronic equipment and storage medium
WO2023108714A1 (en) * 2021-12-13 2023-06-22 苏州大学 Resource allocation method and system in quantum key distribution optical network
CN114499842A (en) * 2021-12-31 2022-05-13 华南师范大学 QKD network key resource pre-allocation method based on reinforcement learning
CN114499842B (en) * 2021-12-31 2023-06-30 华南师范大学 QKD network key resource pre-allocation method based on reinforcement learning
CN114448521A (en) * 2022-02-22 2022-05-06 中国海洋大学 Wide-area noise quantum network communication method and system based on OSPF (open shortest Path first) and quantum CSS (cascading style sheets) codes
CN114448521B (en) * 2022-02-22 2023-10-27 中国海洋大学 Wide area noise quantum network communication method and system based on OSPF and quantum CSS codes
CN117176345A (en) * 2023-10-31 2023-12-05 中电信量子科技有限公司 Quantum cryptography network key relay dynamic routing method, device and system
CN117176345B (en) * 2023-10-31 2024-01-09 中电信量子科技有限公司 Quantum cryptography network key relay dynamic routing method, device and system

Also Published As

Publication number Publication date
CN112769550B (en) 2022-10-21

Similar Documents

Publication Publication Date Title
CN112769550B (en) Load balancing quantum key resource distribution system facing data center
CN112737776B (en) Data center-oriented quantum key resource allocation method for load balancing
CN113179514A (en) Quantum key distribution method and related equipment in relay coexistence scene
CN112332984A (en) SDN-based wide-area quantum key distribution routing method and device
CN112016923A (en) Intra-network cross-domain identity management method and system based on block chain and computational power network
CN112887380A (en) Cross-chain intercommunication method and system
Chen et al. A heuristic remote entanglement distribution algorithm on memory-limited quantum paths
Zhu et al. Resource allocation in quantum-key-distribution-secured datacenter networks with cloud-edge collaboration
CN114499842B (en) QKD network key resource pre-allocation method based on reinforcement learning
WO2023019604A1 (en) Minimum network energy consumption optimization method and system based on traffic grooming
Chen et al. ADA-QKDN: A new quantum key distribution network routing scheme based on application demand adaptation
CN109167637B (en) Key pool filling resource determination method, device, equipment and readable storage medium
CN108667526B (en) Multi-service safe transmission method, device and equipment in optical transport network
Chen et al. A quantum key distribution routing scheme for hybrid-trusted QKD network system
CN114362939B (en) Dynamic route forwarding method, storage device and intelligent terminal based on trusted relay quantum secret communication network
Li et al. A crosstalk-and fragmentation-aware RMSCA strategy in SDM-EONs based on aligned prime-partition of spectrum resources
Marano et al. Distributing quantum states with finite lifetime
Chen et al. Resource distribution equilibrium for virtual network embedding over flexi-grid optical networks
CN109005034B (en) Multi-tenant quantum key supply method and device
Li et al. Swapping-based entanglement routing design for congestion mitigation in quantum networks
Xu et al. Quantum key distribution scheme with key recycling in integrated optical network
CN114302266B (en) Resource allocation method and system in quantum key distribution optical network
Kaewpuang et al. Entangled Pair Resource Allocation under Uncertain Fidelity Requirements
Shi et al. Concurrent Entanglement Routing for Quantum Networks: Model and Designs
CN116743379B (en) Encryption transmission scheme determining method for power network data

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant