Internetworking Forum Targets Security

Paula M. Powell

At its August meeting in Copenhagen, Denmark, members of the Optical Internetworking Forum focused on a subject near and dear to anyone with a computer link to a network -- security. More precisely, they discussed plans for enhancing the security of next-generation optical networks. As with conventional networks, these face basic communications issues related to how optical equipment talks to the network and how data travels throughout the network.

According to the forum's technical committee chairman, Steve Joiner of Ignis Optics in San Jose, Calif., standardization of the communications protocols used in each stage is critical to ensuring seamless information flow, regardless of who the equipment vendor and the service provider are. Ensuring security of that communications process is a necessary component of standardization.

Joiner noted that optical networks' security-related issues include the need for protection against denial of service, unauthorized access and modification of network elements and data. One can think of the security concerns related to modification in two ways -- unauthorized modification of elements and data, as well as modification of elements and data that do not conform to established protocols. Efforts to resolve these problems will involve development of specifications for auditing logging and provision of security of management interfaces to optical network elements.

Joiner noted that, although the networking form has covered security issues within standards development efforts since its inception in 1998, this is the first time that its operations, administration, maintenance and provisioning work group has addressed the issue in a stand-alone fashion. He expects to see preliminary results from this project within the year.

Other than any roadblocks related to gaining consensus from a large group of companies, perhaps the primary issue that could slow down the project is the need to retain a strong link between security developments and the continual updates related to protocols themselves. One effort cannot get ahead of the other.

The forum is a nonprofit organization with some 250 members worldwide. It plays a standardization role for the optical networking industry much as International Sematech does for the semiconductor industry. This includes promoting global development of optical internetworking products and fostering development and deployment of "interoperable" products and services for data switching and routing using optical networking technologies. The forum also provides an avenue for member companies, including service providers and optical component manufacturers, to work together to develop precompetitive technology.