Building Deterministic, Service-Based and Endogenous Security Networks in Data-Centric Way - Mobile World Live


06 JUL 2021

PARTNER FEATURE: With the continuous development and wide application of new-generation information technologies, digitalization, networkization, and intelligentization have become important directions of economic and social transformation and upgrading. The development and application of Artificial Intelligence (AI), blockchain, cloud computing, and the Internet of Things (IoT) all depend on data. Thus, data has become a production factor and the basis of the digital economy. Data in the digital era can be compared to petroleum in the industrial era. However, data is intangible and infinite, and a huge amount of it is generated every minute. How to make good use of data to create value has become the key to success in the era of the digital economy.

“Data drives development” does not mean that data will automatically turn into productivity. The value of data cannot be realized without the corresponding data infrastructure, including the facilities involved in data collection, transmission, storage, and computing. New infrastructure, including new networks, facilities, platforms, and terminals, needs to be built. First, neuron systems for data collection need to be built based on the ubiquitous deployment of smart terminals. Second, efficient data transmission networks need to be built based on the full coverage of new 5G networks. Third, data computing capabilities need to be improved based on computing facilities such as Internet data centers and HPC (High-Performance Computing) centers. Finally, intelligent data analysis centers need to be built based on AI platforms, industrial Internet platforms and IoT platforms.

Looking at the nature of data driving, a data center carries the computing power and transforms data into intelligence, while a network transmits the computing power to users and transforms data into value.

Architecture and Vision: Data-Centric Network

The overall architecture of the new data-centric network is shown in Figure 1.

Figure 1 Data-Centric Network Architecture

Horizontally, the data-centric network architecture complies with the end-to-end empowerment principle of service-based networks. That is, the end-to-end Internet protocol-based architecture is maintained, and the services are mainly processed at the two ends. On the basis of improving core capabilities (for example, deterministic transmission, endogenous security, and computing power scheduling), the network opens up these capabilities in a hierarchical manner with different granularities for the service layer to use.

Vertically, the architecture employs the thin-waist model supported by the intelligent control plane. That is, the “thin-waist architecture” of the Internet protocol stack is retained. The IP layer is kept stable enough to extend new functions with the existing IP fields. Network function extension (mainly for the operator’s data network) is mainly performed on the centralized control plane with effective use of new IT technologies such as AI and big data.

Three key features, large-scale determinacy, ubiquitous service and zero-trust endogenous security, are required to transmit computing power deterministically and securely in a data-centric way.

Figure 2 Evolution from Cloud-Network Convergence to Computing-Network Integration

Large-Scale Determinacy

Large-scale determinacy means that an IP network with a huge number of devices can support up to millions of data flows (such as massive industrial-grade control and sensors) and provide a deterministic service guarantee by meeting strict latency and jitter requirements for certain services. The industrial Internet also needs cross-WAN end-to-end determinacy. The large-scale deterministic IP network proposed by ZTE, based on Native IP, can perform regular forwarding and precision scheduling on new-generation chipsets. End-to-end jitter can be guaranteed no matter how large the network is.

Network Endogenous Security

To meet the security requirements of future networks, ZTE builds a complete, secure and reliable network architecture from the bottom up. Using a zero-trust security mechanism, ZTE builds secure and credible attributes and capabilities into the “gene” of the network to provide a more solid security foundation for future network protocol systems and network services, which solves the security problems that today's networks face.

Ubiquitous Service

In the future, cloud-network convergence is an inevitable trend, and dynamic adjustment of the network together with the cloud is an inevitable requirement. Although automatic configuration has been implemented on the network side, which simplifies network operation and maintenance, the fundamental problem has not been solved. In the traditional peer-to-peer model of network and applications, the network and the applications speak their own languages. They need to interact with each other through complicated protocols and cross-domain, cross-layer orchestration. As a result, the network is not agile enough to meet the requirements of substantial industry applications.

ZTE proposes a service-based network model, which adds a service layer between the basic network and the applications to build a ubiquitous service-based network that is loosely coupled, highly scalable and easy to maintain. The ubiquitous service-based network encapsulates network capabilities such as VPN, TE, service chain and security as services, and pushes them to the applications through distributed databases. The “lightweight” network services communicate directly with the applications. The applications only need to focus on their own requirements, without caring about the specific implementation or supporting complex protocol and network interaction. The ubiquitous service-based network removes complex protocol interaction and cross-domain, cross-layer orchestration between the network and applications, and encapsulates all network services by SRv6. By leaving the discovery, delivery and update of network services to distributed databases, it completely disaggregates the network from applications, and provides the most open cloud-network convergence capability and the most extensive access capability.

In conclusion, the data-centric network model deeply reveals the essential role of the network and its value in the digital economy era. The network is responsible for secure and deterministic transmission of data, and provides service-based “lightweight” interaction, thereby significantly improving the cloud-network convergence capability.

Zhu Yongxing, SVP of ZTE Corporation
