RESOURCE ALLOCATION METHOD AND SYSTEM IN QUANTUM KEY DISTRIBUTION OPTICAL NETWORK

Abstract

The invention provides a resource allocation method and system in a quantum key distribution optical network. The method includes steps of: setting a topological structure of a quantum key distribution optical network, and initializing parameters in the topological structure; generating a service request, and categorizing a security level of a service according to a security requirement degree of the service, where the security level corresponds to a security score; establishing an optimization objective function to maximize a security score of the quantum key distribution optical network and minimize an occupancy of wavelength and timeslot resources; and establishing a constraint satisfying the optimization objective function, and allocating corresponding wavelength and timeslot resources to the service request under the constraint. The invention implements a joint optimization objective of maximizing a security score of a network and minimizing the occupation of wavelengths and timeslots.

Claims

1. A resource allocation method in a quantum key distribution optical network, comprising steps of: S1: setting a topological structure of a quantum key distribution optical network, and initializing parameters in the topological structure; S2: generating a service request, and categorizing a security level of a service according to a security requirement degree of the service, wherein the security level corresponds to a security score; S3: establishing an optimization objective function to maximize a security score of the quantum key distribution optical network and minimize an occupancy of wavelength and timeslot resources; and S4: establishing a constraint satisfying the optimization objective function, and allocating corresponding wavelength and timeslot resources to the service request under the constraint.

2. The resource allocation method in a quantum key distribution optical network according to claim 1, wherein the topological structure of the quantum key distribution optical network is G(V,L,Λ,Δ,T), wherein a parameter V is a set of optical switching nodes, L is a set of directed links, Λ={λ.sub.1, λ.sub.2, λ.sub.3, . . . , λ.sub.n} is a set of conventional wavelengths in an optical network, Δ={λ.sub.1.sup.Q, λ.sub.2.sup.Q, λ.sub.3.sup.Q, . . . , λ.sub.n.sup.Q} is a set of quantum channel dedicated wavelengths, T={t.sub.1, t.sub.2, t.sub.3, . . . , t.sub.n} is a set of available timeslots in a quantum channel, and the initializing parameters in the topological structure comprising setting a link status, the number of the optical switching nodes, the number of optical fiber links, the number of conventional wavelengths and the number of quantum channel dedicated wavelengths on a link, and the number of timeslots.

3. The resource allocation method in a quantum key distribution optical network according to claim 1, wherein a service request CR(s,d,w,t.sub.k,sl) is generated in step S2, the service request CR(s,d,w,t.sub.k,sl) requires w conventional wavelengths for data transmission from a source node s to a destination node d, the number of quantum keys used for encryption is t.sub.k timeslots, and sl is the security level of the service.

4. The resource allocation method in a quantum key distribution optical network according to claim 3, wherein in the quantum key distribution optical network, an overall security score of the entire network is: $\begin{array}{cc}\underset{\left(s,d\right)\in \mathrm{CR}}{.Math.}\underset{\left(i,j\right)\in L}{.Math.}\underset{\lambda \in \Lambda }{.Math.}{W}_{\left(i,j\right),\lambda }^{\left(s,d\right)}*S{R}_{s,d},& \left(1\right)\end{array}$ wherein W.sub.(i,j),λ.sup.(s,d) represents that when a connection request (s, d) occupies a conventional wavelength λ on a link (i, j), a value of the variable is 1, or otherwise is 0, and SR.sub.s,d represents a security score from the source node s to the destination node d.

5. The resource allocation method in a quantum key distribution optical network according to claim 1, wherein the optimization objective function is: $\begin{array}{cc}G=\alpha *\underset{\left(s,d\right)\in \mathrm{CR}}{.Math.}\underset{\left(i,j\right)\in L}{.Math.}\underset{\lambda \in \Lambda }{.Math.}{W}_{\left(i,j\right),\lambda }^{\left(s,d\right)}*S{R}_{s,d}+\beta *\left(\underset{\left(s,d\right)\in \mathrm{CR}}{.Math.}\underset{\left(i,j\right)\in L}{.Math.}\underset{\lambda \in \Lambda }{.Math.}{W}_{\left(i,j\right),\lambda }^{\left(s,d\right)}+\underset{\left(s,d\right)\in \mathrm{CR}}{.Math.}\underset{\left(i,j\right)\in L}{.Math.}\underset{{\lambda }^Q\in \Delta }{.Math.}\underset{t\in T_k}{.Math.}{T}_{\left(i,j\right),{\lambda }^Q,t}^{\left(s,d\right)}\right),& \left(2\right)\end{array}$ wherein W.sub.(i,j),λ.sup.(s,d) represents an occupation status of a conventional wavelength by a service request CR(s,d) on a link (i,j), and is 1 if the wavelength is occupied, or otherwise is 0; T.sub.(i,j),λ.sub.Q.sub.,t.sup.(s,d), represents an occupation status of a timeslot t on a quantum channel dedicated wavelength λ.sup.Q on the link (i, j) by the service request CR(s,d), and is 1 if the timeslot is occupied, or otherwise is 0; SR.sub.s,d represents a security score from a source node s to a destination node d; and α and β are adjustment parameters, and weights of optimization objectives are changed by adjusting α and β.

6. The resource allocation method in a quantum key distribution optical network according to claim 5, wherein a method for using the optimization objective function G to maximize the security score of the quantum key distribution optical network and minimize the occupancy of wavelength and timeslot resources comprises steps of: increasing the security score of the quantum key distribution optical network by optimizing a total W.sub.(i,j),λ.sup.(s,d)*SR.sub.s,d, reducing the number of wavelengths and timeslots) occupied by a connection request by optimizing W.sub.(i,j),λ.sup.(s,d) and T.sub.(i,j),λ.sub.Q.sub.,t.sup.(s,d), to increase an occupancy of resources in the quantum key distribution optical network.

7. The resource allocation method in a quantum key distribution optical network according to claim 1, wherein the constraint in step S4 comprises: a consistency constraint of bandwidth traffic conservation and wavelength and timeslot resource of a service request, an uniqueness constraint of wavelength and timeslot resource occupation, a wavelength and timeslot, and a continuity constraint of wavelength and timeslot resource.

8. The resource allocation method in a quantum key distribution optical network according to claim 6, wherein the consistency constraint of bandwidth traffic conservation and wavelength and timeslot resource of the service request comprises: $\begin{array}{cc}\underset{j:\left(i,j\right)\in L}{.Math.}\underset{{\lambda }^Q\in \Delta }{.Math.}\underset{t\in T_k}{.Math.}{T}_{\left(i,j\right),{\lambda }^Q,t}^{\left(s,d\right)}-\underset{{j:\left(j,i\right)\in L}^{}}{.Math.}\underset{{\lambda }^Q\in \Delta }{.Math.}\underset{t\in T_k}{.Math.}{T}_{\left(i,j\right),{\lambda }^Q,t}^{\left(s,d\right)}=\{\begin{array}{cc}T{R}_{s,d}& i=s,\\ -T{R}_{s,d}& i=d,\\ 0& \mathrm{else},\end{array}\begin{array}{c}\\ \forall \left(s,d\right)\\ \end{array},& \left(3\right)\end{array}$ $\begin{array}{cc}\underset{j:\left(i,j\right)\in L}{.Math.}\underset{\lambda \in \Lambda }{.Math.}{W}_{\left(i,j\right),\lambda }^{\left(s,d\right)}-\underset{j:\left(j,i\right)\in L}{.Math.}\underset{\lambda \in \Lambda }{.Math.}{W}_{\left(i,j\right),\lambda }^{\left(s,d\right)}=\{\begin{array}{cc}\begin{array}{cc}W{R}_{s,d}& i=s,\\ -W{R}_{s,d}& i=d,\\ 0& \mathrm{else},\end{array}& \forall \left(s,d\right)\end{array},& \left(4\right)\end{array}$ $\begin{array}{cc}\underset{j:\left(i,j\right)\in L}{.Math.}{T}_{\left(i,j\right),{\lambda }^Q,t}^{\left(s,d\right)}=\underset{j:\left(j,i\right)\in L}{.Math.}{T}_{\left(i,j\right),{\lambda }^Q,t}^{\left(s,d\right)}\forall \left(s,d\right),i,i\ne s,i\ne d,{\lambda }^Q\in \Delta ,t\in T_k,& \left(5\right)\end{array}$ $\mathrm{and}$ $\begin{array}{cc}\underset{j:\left(i,j\right)\in L}{.Math.}{W}_{\left(i,j\right),\lambda }^{\left(s,d\right)}=\underset{j:\left(j,i\right)\in L}{.Math.}{W}_{\left(i,j\right),\lambda }^{\left(s,d\right)}\forall \left(s,d\right),i,i\ne s,i\ne d,\lambda \in \Lambda ,& \left(6\right)\end{array}$ wherein in the constraints (3) and (4), in a working path found for each service request, outgoing traffic of a source node is equal to a wavelength requirement WR.sub.s,d and a timeslot requirement TR.sub.s,d of the service request, and incoming traffic of a destination node is equal to the wavelength requirement WR.sub.s,d and the timeslot requirement TR.sub.s,d of the service request, and at the same time an intermediate node on a working path of each service has equal incoming traffic and outgoing traffic; and in the constraints (5) and (6), wavelength and timeslot resources allocated on each link in a working path satisfy the consistency constraint, that is, each link in a working path selected for a service corresponds to the same positions of wavelength and timeslot resources; the uniqueness constraint of wavelength and timeslot resource occupation comprises: $\begin{array}{cc}\begin{array}{cc}\underset{\left(s,d\right)\in CR}{.Math.}{T}_{\left(i,j\right),{\lambda }^Q,t}^{\left(s,d\right)}\le 1& \forall \left(i,j\right),{\lambda }^Q\in \Delta ,t\in T_k\end{array},\mathrm{and}& \left(7\right)\end{array}$ $\begin{array}{cc}\begin{array}{cc}\underset{\left(s,d\right)\in CR}{.Math.}{W}_{\left(i,j\right),\lambda }^{\left(s,d\right)}\le 1& \forall \left(i,j\right),\lambda \in \Lambda \end{array},& \left(8\right)\end{array}$ wherein in the constraints (7) and (8), any conventional wavelength and timeslot on each link can only be occupied by at most one service at the same time; the wavelength and timeslot capacity constraint comprises: $\begin{array}{cc}\begin{array}{cc}\underset{\left(s,d\right)\in \mathrm{CR}}{.Math.}\underset{\lambda \in \Lambda }{.Math.}{W}_{\left(i,j\right),\lambda }^{\left(s,d\right)}\le .Math.\Lambda .Math.& \forall \left(i,j\right)\end{array},& \left(9\right)\end{array}$ $\begin{array}{cc}\begin{array}{cc}\underset{\left(s,d\right)\in \mathrm{CR}}{.Math.}\underset{{\lambda }^Q\in \Delta }{.Math.}{Q}_{\left(i,j\right),{\lambda }^Q}^{\left(s,d\right)}\le .Math.\Delta .Math.& \forall \left(i,j\right)\end{array},& \left(10\right)\end{array}$ $\begin{array}{cc}\begin{array}{cc}\underset{\left(s,d\right)\in CR}{.Math.}\underset{t\in T_k}{.Math.}{T}_{\left(i,j\right),{\lambda }^Q,t}^{\left(s,d\right)}\le .Math.T_k.Math.& \forall \left(i,j\right)\end{array},\mathrm{and}& \left(11\right)\end{array}$ $\begin{array}{cc}\begin{array}{cc}{Q}_{\left(i,j\right),{\lambda }^Q}^{\left(s,d\right)}\le \underset{t\in T_k}{.Math.}{T}_{\left(i,j\right),{\lambda }^Q,t}^{\left(s,d\right)}& \forall \left(s,d\right),\left(i,j\right),{\lambda }^Q\in \Delta \end{array},& \left(12\right)\end{array}$ wherein |Λ| represents the number of conventional wavelengths on each link, |Δ| represents the number of quantum channel dedicated wavelengths on each link, |T.sub.k| represents the number of timeslots in each quantum channel dedicated wavelength, Q.sub.(i,j),λ.sub.Q.sub.,t.sup.(s,d) represents an occupation status of the quantum channel dedicated wavelength λ.sup.Q on the link (i, j) by a service CR(s,d), and is 1 if the wavelength is occupied, or otherwise is 0; the constraints (9), (10), and (11) represent that in each link, wavelength and timeslot resources allocated to all services are less than set wavelength and timeslot thresholds; and the constraint (12) represents that different services may occupy different timeslot resources of the same quantum dedicated wavelength; and the continuity constraint of wavelength and timeslot resource comprises: $\begin{array}{cc}\left(W_{\left(i,j\right),\lambda }^{\left(s,d\right)}-W_{\left(i,j\right),\lambda +1}^{\left(s,d\right)}-1\right)\times \left(-\theta \right)\ge \underset{x\in \left[\lambda +2,.Math.\Lambda .Math.\right]}{.Math.}{W}_{\left(i,j\right),x}^{\left(s,d\right)}\forall \left(i,j\right),\left(s,d\right),\lambda ,s\ne d,& \left(13\right)\end{array}$ $\begin{array}{cc}\left(W_{\left(i,j\right),\lambda }^{\left(s,d\right)}-1\right)\times \theta +W{R}_{s,d}\le \underset{\lambda \in \Lambda }{.Math.}{W}_{\left(i,j\right),\lambda }^{\left(s,d\right)}\forall \left(i,j\right),\left(s,d\right),\lambda ,s\ne d,& \left(14\right)\end{array}$ $\begin{array}{cc}\left(T_{\left(i,j\right),{\lambda }^Q,t}^{\left(s,d\right)}{T}_{i,j),{\lambda }^Q,t+1}^{\left(s,d\right)}-1\right)\times \left(-\theta \right)\ge \underset{y\in \left[t+2,.Math.T_k.Math.\right]}{.Math.}{T}_{\left(i,j\right),{\lambda }^Q,y}^{\left(s,d\right)}\forall \left(i,j\right),\left(s,d\right),{\lambda }^Q,t,s\ne d,\mathrm{and}& \left(15\right)\end{array}$ $\begin{array}{cc}\left(T_{\left(i,j\right),{\lambda }^Q,t}^{\left(s,d\right)}-1\right)\times \theta +T{R}_{s,d}\le \underset{t\in T_k}{.Math.}{T}_{\left(i,j\right),{\lambda }^Q,t}^{\left(s,d\right)}\forall \left(i,j\right),\left(s,d\right),{\lambda }^Q,t,s\ne d,& \left(16\right)\end{array}$ wherein θ is a positive number, and the constraints (13) to (16) represent that in each link, conventional wavelengths allocated to each service and timeslot resources on quantum channel wavelengths are in a continuous idle state.

9. A resource allocation system in a quantum key distribution optical network, comprising: a network initialization module, configured to: set a topological structure of a quantum key distribution optical network, and initialize parameters in the topological structure; a service request generation module, configured to: generate a service request, and categorize a security level of a service according to a security requirement degree of the service, wherein the security level corresponds to a security score; an optimization objective establishment module, configured to establish an optimization objective function to maximize a security score of the quantum key distribution optical network and minimize an occupancy of wavelength and timeslot resources; and a resource allocation module, configured to: establish a constraint satisfying the optimization objective function, and allocate corresponding wavelength and timeslot resources to the service request under the constraint.

10. The resource allocation system in a quantum key distribution optical network according to claim 9, wherein the service request generation module further comprises a security level categorization module of a service request, configured to: preclassify the service request according to a security requirement degree of the service request, and categorize the security level of the service, wherein for service requests of different security levels, resources are allocated in quantum dedicated wavelengths of corresponding security levels; and the resource allocation module further comprises a constraint module, the constraint module comprising: a consistency calculation module of traffic conservation and resource of a service request, configured to calculate a consistency constraint of traffic conservation and resource of the service request in the quantum key distribution optical network, to make incoming traffic equal to outgoing traffic and resources occupy the same positions on each link; an uniqueness calculation module of wavelength and timeslot resource occupation, configured to calculate a uniqueness constraint of wavelength and timeslot resources, to ensure that only one service can be occupied at each moment at each wavelength and timeslot position; a wavelength and timeslot capacity calculation module, configured to calculate a wavelength and timeslot capacity constraint, to make wavelength and timeslot resources allocated to all services less than thresholds set in the quantum key distribution optical network; and a wavelength and timeslot continuity calculation module, configured to calculate a wavelength and timeslot continuity constraint, to make conventional wavelengths and timeslot resources allocated to each service are in a continuous idle state, wherein the constraint modules collaborate with each other to complete optimization and allocation of a security score of the network and wavelength and timeslot resources.

Description

BRIEF DESCRIPTION OF THE DRAWINGS

[0041] FIG. 1 is an overall schematic flowchart of a method according to the present invention;

[0042] FIG. 2 is a schematic diagram of the architecture of a quantum key distribution optical network according to the present invention;

[0043] FIG. 3 is a specific schematic flowchart of a resource allocation method according to the present invention;

[0044] FIG. 4 is a schematic structural diagram of a system according to the present invention;

[0045] FIG. 5 is a diagram of a topological structure of an optical network according to an embodiment of the present invention; and

[0046] FIG. 6 is a schematic diagram of resource allocation according to an embodiment of the present invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

[0047] The present invention is further described below with reference to the accompanying drawings and specific embodiments, to enable a person skilled in the art to better understand and implement the present invention. However, the embodiments are not used to limit the present invention.

[0048] Referring to FIG. 1, the present invention provides: a resource allocation method in a quantum key distribution optical network. The method includes the following steps: [0049] S1: setting a topological structure of a quantum key distribution optical network, and initializing parameters in the topological structure; [0050] S2: generating a service request, and categorizing a security level of a service according to a security requirement degree of the service, where the security level corresponds to a security score; [0051] S3: establishing an optimization objective function to maximize a security score of the quantum key distribution optical network and minimize an occupancy of wavelength and timeslot resources; and [0052] S4: establishing a constraint satisfying the optimization objective function, and allocating corresponding wavelength and timeslot resources to the service request under the constraint.

[0053] In a quantum key distribution optical network, to solve the problems of low network security and inappropriate resource occupation, the present invention provides a resource allocation method in a quantum key distribution optical network, thereby implementing a joint optimization objective of maximizing a security score of a network and minimizing the occupation of wavelengths and timeslots. In the provided method in the present invention, a service request needs to satisfy constraints such as bandwidth traffic conservation, wavelength continuity, wavelength resource occupation uniqueness, wavelength consistency, timeslot continuity, timeslot resource occupation uniqueness, timeslot consistency, and wavelength and timeslot capacity limitation, thereby implementing routing and wavelength and timeslot resource allocation methods in a quantum key distribution optical network. The present invention mainly considers how to measure a security degree of an entire quantum key distribution optical network, a different security level is categorized according to a security requirement of a service request, and different wavelength and timeslot resources are allocated, thereby greatly improving the security performance of the entire quantum key distribution optical network.

[0054] Specifically, in a process of optical fiber network transmission, information transmitted for each service request has a different security degree. Quantum key encryption needs to be preferentially performed for a data service with a high priority and importance. In such differentiation, a security requirement degree of a service request and a relative importance and security degree of data of the service request can be differentiated, and the security performance of the network can be measured. If a security level of each service request is under the same constraints, the network is prone to surveillance by hackers and is vulnerable to targeted attacks.

[0055] FIG. 2 shows the architecture of a quantum key distribution optical network with security levels of services, and is a topological graph of a network formed by 5 nodes and 5 links. The topological graph is formed by a QKD layer and a data layer. λ.sub.1, λ.sub.2, and λ.sub.3 respectively correspond to quantum channel wavelengths with a high security level, a medium security level, and a low security level. T.sub.1, T.sub.2, and T.sub.3 respectively correspond to different quantum key update periods. Security requirement levels of service requests respectively correspond to different scores.

[0056] When there is a service CR.sub.1(0,4,1,1,high), 0-2-4 is first selected according to a shortest path algorithm as a working path for the service, and next a timeslot resource t.sub.2 is allocated in a quantum channel wavelength λ.sub.1 representing the highest security level.

[0057] In a quantum key distribution optical network based on security levels of services, an overall security score of the entire network is:

[00007]$\begin{array}{cc}\underset{\left(s,d\right)\in \mathrm{CR}}{.Math.}\underset{\left(i,j\right)\in L}{.Math.}\underset{\lambda \in \Lambda }{.Math.}{W}_{\left(i,j\right),\lambda }^{\left(s,d\right)}*S{R}_{s,d},& \left(1\right)\end{array}$ [0058] where a variable W.sub.(i,j),λ.sup.(s,d) represents that if a connection request (s, d) occupies a conventional wavelength λ on a link (i, j), a value of the variable is 1, or otherwise is 0, and SR.sub.s,d represents a security score of a service from a source node s to a sink node d.

[0059] To solve the problems of security and resource occupation in a quantum key distribution optical network, the present invention proposes an integer linear programming model based on the foregoing service security level classification mechanism, that is, implements joint optimization with objectives of maximizing a security score of a network and minimizing the occupation of wavelength and timeslot resources. Specific steps of the joint optimization model are as follows: [0060] Step 1: Initialize a network. In a quantum key distribution network G(V,L,Λ,Δ,T), V is a set of nodes, L is a set of directed links, Λ={λ.sub.1, λ.sub.2, λ.sub.3, . . . , λ.sub.n} is a set of conventional wavelengths in an optical network, Δ=λ{.sub.1.sup.Q, λ.sub.2.sup.Q, λ.sub.3.sup.Q, . . . , λ.sub.n.sup.Q} is a set of quantum channel dedicated wavelengths, T={t.sub.1, t.sub.2, t.sub.3, . . . , t.sub.n} is a set of available timeslots in a quantum channel. For the topological structure, a link status, the number of the network optical switching nodes, the number of optical fiber links, the number of conventional wavelengths and the number of quantum channel dedicated wavelengths on a link, and the number of timeslots of an optical network are set. [0061] Step 2: Generate a service request. The service request is represented by CR(s,d,t.sub.k,sl), and represents a service request from a source nodes to a destination node d. The service request requires w conventional wavelengths for data transmission. The number of quantum keys used for encryption of the service request is t.sub.k timeslots, and sl is the security requirement level of a service. Conventional work that need to be assigned to each service, quanta, the number of common interaction channel wavelengths, the number of quantum keys allocated to each service, and the security requirement level of the service are set. [0062] Step 3: Establish a joint optimization method with an objective function of maximizing the security score of the network and minimizing the occupation of wavelength and timeslot resources.

[0063] The present invention mainly solves the problems of security and resource occupation in a quantum key distribution optical network. The objective function of joint optimization is minimizing the occupancy of wavelength and timeslot resources in the quantum key distribution optical network and maximizing the security score of the entire network. That is, the objective function is mainly formed by a primary optimization objective and a secondary optimization objective. Weights of optimization objectives are changed by adjusting α and β (α≤0 and 0≤β≤1), to achieve different optimization objectives. When α=−1 and β=0, the optimization objective becomes implementing a maximum value of the security score of the network. When α=0 and β=1, the optimization objective is optimizing the occupancy of wavelength and timeslot resources in the network, to implement the optimization of resource utilization in the network. The optimization objective function may be represented by using the following formula:

[0064] Minimize:

[00008]$\begin{array}{cc}G=\alpha *\underset{\left(s,d\right)\in \mathrm{CR}}{.Math.}\underset{\left(i,j\right)\in L}{.Math.}\underset{\lambda \in \Lambda }{.Math.}{W}_{\left(i,j\right),\lambda }^{\left(s,d\right)}*S{R}_{s,d}+\beta *\left(\underset{\left(s,d\right)\in \mathrm{CR}}{.Math.}\underset{\left(i,j\right)\in L}{.Math.}\underset{\lambda \in \Lambda }{.Math.}{W}_{\left(i,j\right),\lambda }^{\left(s,d\right)}+\underset{\left(s,d\right)\in \mathrm{CR}}{.Math.}\underset{\left(i,j\right)\in L}{.Math.}\underset{{\lambda }^Q\in \Delta }{.Math.}\underset{t\in T_k}{.Math.}{T}_{\left(i,j\right),{\lambda }^Q,t}^{\left(s,d\right)}\right),& \left(2\right)\end{array}$

[0065] where W.sub.(i,j),λ.sup.(s,d) represents an occupation status of a conventional wavelength λ by a service request CR(s,d) on a link (i, j), and is 1 if the wavelength is occupied, or otherwise is 0; T.sub.(i,j),λ.sub.Q.sub.,t.sup.(s,d), represents an occupation status of a timeslot t on a quantum channel dedicated wavelength λ.sup.Q on the link (i, j) by the service request CR(s,d), and is 1 if the timeslot is occupied, or otherwise is 0. The objective G of the integer linear programming model is to maximize the security score of the quantum key distribution optical network and minimizing quantities of wavelengths and timeslots occupied in the optical network. The first part in Formula (2) represents security scores of service requests on the same link in the quantum key distribution optical network. In this way, when the total W.sub.(i,j),λ.sup.(s,d)*SR.sub.s,d in the optical network is larger, it indicates that the security score of the entire network is higher. Therefore, the network security score of the quantum key distribution optical network is improved by optimizing W.sub.(i,j),λ.sup.(s,d)*SR.sub.s,d. The second part in Formula (2) represents total quantities of conventional wavelengths and timeslots occupied in the quantum key distribution optical network. Quantities of wavelengths and timeslots occupied by a connection request are reduced by optimizing W.sub.(i,j),λ.sup.(s,d) and T.sub.(i,j),λ.sub.Q.sub.,t.sup.(s,d), to increase the occupancy of (resources in the quantum key distribution optical network. [0066] Step S4: Establish constraints satisfying a joint optimization method with a objective function.

[0067] During the allocation and optimization of wavelength and timeslot resources in the quantum key distribution optical network, the following constraints need to be satisfied. Specific constraints are shown as follows: [0068] 1. Consistency constraint of bandwidth traffic conservation and wavelength and timeslot of a service request:

[00009]$\begin{array}{cc}\underset{j:\left(i,j\right)\in L}{.Math.}\underset{{\lambda }^Q\in \Delta }{.Math.}\underset{t\in T_k}{.Math.}{T}_{\left(i,j\right),{\lambda }^Q,t}^{\left(s,d\right)}-\underset{{j:\left(j,i\right)\in L}^{}}{.Math.}\underset{{\lambda }^Q\in \Delta }{.Math.}\underset{t\in T_k}{.Math.}{T}_{\left(i,j\right),{\lambda }^Q,t}^{\left(s,d\right)}=\{\begin{array}{cc}T{R}_{s,d}& i=s,\\ -T{R}_{s,d}& i=d,\\ 0& \mathrm{else},\end{array}\begin{array}{c}\\ \forall \left(s,d\right)\\ \end{array},& \left(3\right)\end{array}$$\begin{array}{cc}\underset{j:\left(i,j\right)\in L}{.Math.}\underset{\lambda \in \Lambda }{.Math.}{W}_{\left(i,j\right),\lambda }^{\left(s,d\right)}-\underset{j:\left(j,i\right)\in L}{.Math.}\underset{\lambda \in \Lambda }{.Math.}{W}_{\left(i,j\right),\lambda }^{\left(s,d\right)}=\{\begin{array}{cc}\begin{array}{cc}W{R}_{s,d}& i=s,\\ -W{R}_{s,d}& i=d,\\ 0& \mathrm{else},\end{array}& \forall \left(s,d\right)\end{array},& \left(4\right)\end{array}$$\begin{array}{cc}\underset{j:\left(i,j\right)\in L}{.Math.}{T}_{\left(i,j\right),{\lambda }^Q,t}^{\left(s,d\right)}=\underset{j:\left(j,i\right)\in L}{.Math.}{T}_{\left(i,j\right),{\lambda }^Q,t}^{\left(s,d\right)}\forall \left(s,d\right),i,i\ne s,i\ne d,{\lambda }^Q\in \Delta ,t\in T_k,& \left(5\right)\end{array}$$\mathrm{and}$$\begin{array}{cc}\underset{j:\left(i,j\right)\in L}{.Math.}{W}_{\left(i,j\right),\lambda }^{\left(s,d\right)}=\underset{j:\left(j,i\right)\in L}{.Math.}{W}_{\left(i,j\right),\lambda }^{\left(s,d\right)}\forall \left(s,d\right),i,i\ne s,i\ne d,\lambda \in \Lambda ,& \left(6\right)\end{array}$ [0069] where WR.sub.s,d represents the number of required conventional wavelengths for one service from the source node s to the sink node d, and TR.sub.s,d represents the number of required timeslots for one service from the source node s to the sink node d. The constraints (3) and (4) ensure that in a working path found for each service request, outgoing traffic of a source node is equal to a wavelength requirement WR.sub.s,d and a timeslot requirement TR.sub.s,d of the service request, and incoming traffic of a destination node is equal to the wavelength requirement WR.sub.s,d and the timeslot requirement TR.sub.s,d of the service request, and at the same time an intermediate node on a working path of each service has equal incoming traffic and outgoing traffic. The constraints (5) and (6) ensure that wavelength and timeslot resources allocated on each link in a working path satisfy the consistency constraint, that is, each link in a working path selected for a service corresponds to the same positions of wavelength and timeslot resources. [0070] 2. Uniqueness constraint of wavelength and timeslot resource occupation:

[00010]$\begin{array}{cc}\begin{array}{cc}\underset{\left(s,d\right)\in CR}{.Math.}{T}_{\left(i,j\right),{\lambda }^Q,t}^{\left(s,d\right)}\le 1& \forall \left(i,j\right),{\lambda }^Q\in \Delta ,t\in T_k\end{array},\mathrm{and}& \left(7\right)\end{array}$$\begin{array}{cc}\begin{array}{cc}\underset{\left(s,d\right)\in CR}{.Math.}{W}_{\left(i,j\right),\lambda }^{\left(s,d\right)}\le 1& \forall \left(i,j\right),\lambda \in \Lambda \end{array},& \left(8\right)\end{array}$ [0071] where the constraints (7) and (8) ensure the uniqueness of the occupation of conventional wavelength and timeslot resources, that is, any conventional wavelength and timeslot on each link can only be occupied by at most one service at the same time. [0072] 3. Wavelength and timeslot capacity constraint:

[00011]$\begin{array}{cc}\begin{array}{cc}\underset{\left(s,d\right)\in \mathrm{CR}}{.Math.}\underset{\lambda \in \Lambda }{.Math.}{W}_{\left(i,j\right),\lambda }^{\left(s,d\right)}\le .Math.\Lambda .Math.& \forall \left(i,j\right)\end{array},& \left(9\right)\end{array}$$\begin{array}{cc}\begin{array}{cc}\underset{\left(s,d\right)\in \mathrm{CR}}{.Math.}\underset{{\lambda }^Q\in \Delta }{.Math.}{Q}_{\left(i,j\right),{\lambda }^Q}^{\left(s,d\right)}\le .Math.\Delta .Math.& \forall \left(i,j\right)\end{array},& \left(10\right)\end{array}$$\begin{array}{cc}\begin{array}{cc}\underset{\left(s,d\right)\in CR}{.Math.}\underset{t\in T_k}{.Math.}{T}_{\left(i,j\right),{\lambda }^Q,t}^{\left(s,d\right)}\le .Math.T_k.Math.& \forall \left(i,j\right)\end{array},\mathrm{and}& \left(11\right)\end{array}$$\begin{array}{cc}\begin{array}{cc}{Q}_{\left(i,j\right),{\lambda }^Q}^{\left(s,d\right)}\le \underset{t\in T_k}{.Math.}{T}_{\left(i,j\right),{\lambda }^Q,t}^{\left(s,d\right)}& \forall \left(s,d\right),\left(i,j\right),{\lambda }^Q\in \Delta \end{array},& \left(12\right)\end{array}$ [0073] where |Λ| represents the number of conventional wavelengths on each link, |Δ| represents the number of quantum channel dedicated wavelengths on each link, |T.sub.k| represents the number of timeslots in each quantum channel dedicated wavelength, Q.sub.(i,j),λ.sub.Q.sub.,t.sup.(s,d) represents an occupation status of the quantum channel dedicated wavelength λ.sup.Q on the link (i, j) by a service CR(s,d), and is 1 if the wavelength is occupied, or otherwise is 0. The constraints (9), (10), and (11) describe capacity constraints of conventional wavelengths, quantum dedicated wavelengths, and timeslots in a quantum channel, and represent that in each link, wavelength and timeslot resources allocated to all services should not exceed set wavelength and timeslot thresholds. The constraint (12) represents that different services may occupy different timeslot resources of the same quantum dedicated wavelength; and [0074] 4. Continuity constraint of wavelength and timeslot resource:

[00012]$\begin{array}{cc}\left(W_{\left(i,j\right),\lambda }^{\left(s,d\right)}-W_{\left(i,j\right),\lambda +1}^{\left(s,d\right)}-1\right)\times \left(-\theta \right)\ge \underset{x\in \left[\lambda +2,.Math.\Lambda .Math.\right]}{.Math.}{W}_{\left(i,j\right),x}^{\left(s,d\right)}\forall \left(i,j\right),\left(s,d\right),\lambda ,s\ne d,& \left(13\right)\end{array}$$\begin{array}{cc}\left(W_{\left(i,j\right),\lambda }^{\left(s,d\right)}-1\right)\times \theta +W{R}_{s,d}\le \underset{\lambda \in \Lambda }{.Math.}{W}_{\left(i,j\right),\lambda }^{\left(s,d\right)}\forall \left(i,j\right),\left(s,d\right),\lambda ,s\ne d,& \left(14\right)\end{array}$$\begin{array}{cc}\left(T_{\left(i,j\right),{\lambda }^Q,t}^{\left(s,d\right)}{T}_{i,j),{\lambda }^Q,t+1}^{\left(s,d\right)}-1\right)\times \left(-\theta \right)\ge \underset{y\in \left[t+2,.Math.T_k.Math.\right]}{.Math.}{T}_{\left(i,j\right),{\lambda }^Q,y}^{\left(s,d\right)}\forall \left(i,j\right),\left(s,d\right),{\lambda }^Q,t,s\ne d,\mathrm{and}& \left(15\right)\end{array}$$\begin{array}{cc}\left(T_{\left(i,j\right),{\lambda }^Q,t}^{\left(s,d\right)}-1\right)\times \theta +T{R}_{s,d}\le \underset{t\in T_k}{.Math.}{T}_{\left(i,j\right),{\lambda }^Q,t}^{\left(s,d\right)}\forall \left(i,j\right),\left(s,d\right),{\lambda }^Q,t,s\ne d,& \left(16\right)\end{array}$ [0075] where θ is a very large positive number, WR.sub.s,d represents the number of required conventional wavelengths for one service from the source node s to the sink node d, and TR.sub.s,d represents the number of required timeslots for one service from the source node s to the sink node d. The constraints (13) to (16) describe continuity constraints of conventional wavelengths and timeslots in a quantum channel, and represent that in each link, conventional wavelengths allocated to each service and timeslot resources on quantum channel wavelengths must be in a continuous idle state. A block diagram of a specific procedure of the model is shown in FIG. 3.

[0076] The present invention further provides a resource allocation system in a quantum key distribution optical network, including: [0077] a network initialization module, configured to: set a topological structure of a quantum key distribution optical network, and initialize parameters in the topological structure; [0078] a service request generation module, configured to: generate a service request, and categorize a security level of a service according to a security requirement degree of the service, where the security level corresponds to a security score; [0079] an optimization objective establishment module, configured to establish an optimization objective function to maximize a security score of the quantum key distribution optical network and minimize an occupancy of wavelength and timeslot resources; and [0080] a resource allocation module, configured to: establish a constraint satisfying the optimization objective function, and allocate corresponding wavelength and timeslot resources to the service request under the constraint.

[0081] Specifically, as shown in FIG. 4, the quantum key distribution optical network initialization module configures, in an optical network G(V,L,Λ,Δ,T), a network topological structure, a link status in an optical network, the number of the network optical switching nodes, the number of optical fiber links, the number of conventional wavelengths and the number of quantum channel dedicated wavelengths on a link, and the number of timeslots.

[0082] The service request generation module generates a service request CR(s,d,w,t.sub.k,sl) according to the even distribution of source nodes and destination nodes, and configures information such as the number of connection requests, source nodes and destination nodes of different connection requests, and bandwidth requirements.

[0083] The security level categorization module of the service request mainly preclassifies the service request according to a security requirement degree of the service request CR(s,d,w,t.sub.k,sl), and categorizes the security level of the service. For service requests of different security levels, resources are allocated in quantum dedicated wavelengths of corresponding security levels.

[0084] The consistency calculation module of traffic conservation and resource of the service request calculates a consistency constraint of traffic conservation and resource of the service request in the quantum key distribution optical network according to Formula (3) to Formula (6), to ensure that incoming traffic is equal to outgoing traffic and resources occupy the same positions on each link.

[0085] The uniqueness calculation module of wavelength and timeslot resource occupation calculates a uniqueness constraint of wavelength and timeslot resources according to Formula (7) and Formula (8), to ensure that only one service can be occupied at each moment at each wavelength and timeslot position.

[0086] The wavelength and timeslot capacity calculation module calculates a constraint of wavelength and timeslot capacity according to Formula (9) to Formula (12), to ensure that wavelength and timeslot resources allocated to all services do not exceed thresholds set in the quantum key distribution optical network.

[0087] The wavelength and timeslot continuity calculation module calculates a wavelength and timeslot continuity constraint according to Formula (13) to Formula (16), to ensure that conventional wavelengths allocated to each service and timeslot resources must be in a continuous idle state.

[0088] In the foregoing system description, different modules may collaborate with each other to complete a joint optimization system of the security score of the network and wavelength and timeslot resources.

Embodiment

[0089] FIG. 5 is a structural diagram of a network topology of a quantum key distribution optical network used in this embodiment being formed by four nodes and eight links. Based on the foregoing allocation method, a resource allocation process is as follows: [0090] Step 1: Initialize a network. Each optical fiber link is bidirectional. The number of wavelengths on each link is 40. Three wavelengths are respectively allocated on a quantum channel and a common interaction channel. 6, 8, and 10 timeslot resources are respectively provided on each wavelength. 32 wavelengths are allocated on a conventional channel transmitted for a service request, and two wavelengths are reserved between the quantum channel and the common interaction channel. [0091] Step 2: Generate a service request. Establish service requests CR.sub.1(0,3,1,1,low) and CR.sub.2(0,3,2,1,high). Both service requests are from a source node 0 to a destination node 3. A service CR.sub.1 requires one conventional wavelength for data transmission. A service CR.sub.2 requires two conventional wavelength for data transmission. Requirements of quantum keys for encryption for the services CR.sub.1 and CR.sub.2 are both one timeslot. A security requirement level of the first service request is low, that is, the lowest security degree. A security requirement level of the second service request is high, that is, the highest security degree. [0092] Step 3: Determine and execute the objective function of maximizing the security score of the network and minimizing the occupation of wavelengths and timeslots in the quantum key distribution optical network proposed in the present invention. See Formula (2). [0093] Step 4: Determine and execute constraints in the joint optimization method in the quantum key distribution optical network. In a process of allocating a resource to each service, it is necessary to satisfy the consistency constraint of bandwidth traffic conservation and wavelength and timeslot of the service request (see Formula (3) to Formula (6)), the uniqueness constraint of conventional wavelength and timeslot resource occupation (see Formula (7) and Formula (8)), the wavelength and timeslot capacity constraint (see Formula (9) to Formula (12)), and the continuity constraint of wavelength and timeslot resource (see Formula (13) to Formula (16)).

[0094] Through the foregoing steps, corresponding wavelength and timeslot resources can be allocated to the service requests CR.sub.1(0,3,1,1,low) and CR.sub.2(0,3,2,1,high) in the network based on a target condition. Because both services have security requirements of encryption, during the allocation of quantum channel wavelengths and timeslot resources, it is necessary to consider the maximization of the overall security performance of the network and the minimization of the occupation of wavelength and timeslot resources. For CR.sub.1(0,3,1,1,low), both a path 0-3 and a path 0-1-2-3 may be selected as a working path of the service. Resource allocation and security assessment are performed on the path 0-3, as shown in FIG. 6. The allocation of conventional wavelengths in the data layer is first performed, which is consistent with a conventional method. Next, idle timeslot resources are allocated to the service CR.sub.1 in a wavelength λ.sub.3 corresponding to a low security level. In this case, the security score of the entire network and the total quantities of conventional wavelengths and timeslots are calculated. For the path 0-1-2-3, the same steps are performed to allocate wavelength and timeslot resources. Finally, a path of resource allocation and a position of resource allocation are determined based on the objective function of maximizing the security score of the network and minimizing the occupation of wavelength and timeslot resources in the optical network proposed in the patent. If conditions are satisfied, in this case, services in the network have all been successfully established. For a group of service requests, that is, CR.sub.1 and CR.sub.2, optimal wavelength and timeslot resources are allocated, to maximum the security score of the quantum key distribution optical network, so that the entire network has the highest security degree.

[0095] The present invention mainly improves the security performance of a quantum key distribution optical network and solves the problem of wavelength and timeslot allocation. In a process of actual data transmission, each service has a different security requirement degree. Therefore, the present invention proposes an assessment mechanism for the overall security performance of a network based on a security requirement level. Next, a joint optimization method with an objective of maximizing a network security score of a quantum key distribution optical network and minimizing the occupation of wavelength and timeslot resources in the optical network are established according to the assessment mechanism, and problems of route calculation, conventional wavelengths, and the allocation of quantum channel dedicated wavelengths and timeslots in the quantum key distribution optical network are solved by using an integer linear programming method. In the quantum key distribution optical network, certain service requests are generated, and sufficient wavelength and timeslot resources are provided for allocation to the service requests without causing a service congestion. Next, a joint optimization method of maximizing a security score of a network and minimizing the occupation of wavelengths and timeslots is established according to an optimization objective to be achieved and constraints in an allocation process for the service requests, thereby finding an optimal resource allocation method for all service requests.

[0096] The method can effectively measure the security degree of the entire network, and solve the problem of security encryption in a quantum key distribution optical network, thereby greatly improving the overall security performance of the quantum key distribution optical network. In addition, an appropriate working path is found for each service request, to reduce a waste of wavelength and timeslot resources in the network, thereby greatly improving the utilization of resources, reducing the consumption of quantum keys, and greatly reducing costs. The problem of low quantum key utilization in a current quantum key distribution optical network is solved, thereby ensuring the quality of service and security of a service request in a transmission process.

[0097] The foregoing embodiments are merely preferred embodiments used to fully describe the present invention, and the protection scope of the present invention is not limited thereto. Equivalent replacements or variations made by a person skilled in the art to the present invention all fall within the protection scope of the present invention. The protection scope of the present invention is as defined in the claims.