Technical field of the invention

The invention relates to the field of communication network, and in particular to network slices.

More particularly, the invention provides a method for determining an isolation index of a communication service and method for selecting a configuration or a requirement of such a configuration of a communication service in a network architecture.

Background information

Communication service providers (or CSP) are service providers that transport information in order to deliver services to customers. However, this transport is quite difficult due to the characteristics of the network used which is usually dependent on specialized equipment and does not scale properly in order to address the variety of services that need to be provided.

In order to overcome these difficulties and to respond to challenges raised by new communication developments such as in 5G communication infrastructures, network slicing is introduced. In the context of 5G communication, a network slice is a novel partitioning and network sharing scheme that can be defined as a logical recursive entity, which provides the necessary means to realize a complete network communication service that meets the network function set and resource requirements to correspond to customer type or specific services.

It is known that network slicing enables to host several services over the same infrastructure thanks to an intelligent resource sharing. Some communication service components require to be alone, that is, isolated in the infrastructure whereas other components can be hosted together.

Summary of the invention

In this context, the invention provides a method for determining an isolation index of a communication service in order to quantify the characterization of the isolation of the network slicing, thus involving the improvement of the use of infrastructure of the network.

More particularly, the invention consists in a method for determining an isolation index of a configuration of a communication service in a network architecture, said configuration of the communication service being characterized by a plurality of metric values associated with a corresponding metric of the configuration of the communication service, the method comprises steps of:

- assigning, to each possible metric value characterizing the network architecture, an intermediate value estimating the contribution of the concerned metric to the isolation of the configuration of the communication service,

- converting each metric value characterizing the configuration of the communication service into the intermediate value associated with the concerned metric, and

- determining the isolation index based on the intermediate values associated with each metric of the configuration of the communication service.

Advantageously, the invention provides a method to determine a value of the isolation index of a specific configuration of a communication service. The determined value of the isolation index is based on a combination of parameters that are suitable for quantifying this isolation index. The determined isolation index can then be used to identify the configuration with the optimal isolation index for the targeted configuration of the communication service.

Other non-limiting and advantageous features of the invention, taken individually or according to all the combinations that are technically possible, are the following:

- the configuration of the communication service using resources in at least two layers of a network architecture, the step of determining the isolation index comprises:

- calculating, for each layer, a layer isolation value based on at least one intermediate value associated with a metric characterizing the concerned layer, and

- determining said isolation index being based on the calculated layer isolation values;

- the step of determining the isolation index is based on a weighted sum, said weighted sum being calculated by multiplying one weight associated to one layer amongst a plurality of weights and the layer isolation value calculated for the concerned layer;

- each weight of the plurality of weights depends on a level of the associated layer in the network architecture;

- the sum of the plurality of weights is equal to 1 ; - the step of calculating the layer isolation value for each layer is based on another weighted sum, said other weighted sum being based on a plurality of other weights, the sum of the plurality of other weights being equal to 1 ;

- the other weighted sum is calculated by multiplying one intermediate value associated with the concerned metric and one other weight associated with the corresponding metric of the concerned layer;

- each layer comprising a plurality of attributes, the other weight is associated with one attribute;

- each metric being associated with a metric category, the other weight is associated with one metric category;

- the step of calculating the layer isolation value for each layer is based on applying a nonlinear function to said intermediate value associated with a metric of the concerned layer; and

- each intermediate value is comprised between 0 and 1. The invention also provides a method for selecting a configuration of a communication service in a network architecture, said method comprises:

- for each of a plurality of configurations of the communication service, determining an isolation index for the concerned configuration using a method as described previously, and - selecting the configuration of the communication service corresponding to the optimal isolation index.

The invention also provides a method for selecting a requirement of a configuration of a communication service in a network architecture, said method comprises: - for each of a plurality of requirements of the configuration of the communication service, determining an isolation index for the concerned requirement of the configuration of the communication service using a method as described previously, and

- selecting the requirement of the configuration of the communication service corresponding to the optimal isolation index. Detailed description of example(s)

The following description with reference to the accompanying drawings will make it clear what the invention consists of and how it can be achieved. The invention is not limited to the embodiment illustrated in the drawings. Accordingly, it should be understood that, where features mentioned in the claims are followed by reference signs, such signs are included solely for the purpose of enhancing the intelligibility of the claims and are in no way limiting on the scope of the claims.

In the accompanying drawings:

- Figure 1 represents an exemplary network architecture according to the invention, and

- Figure 2 represents, in the form of a flowchart, an example of a method for determining an isolation index of a configuration of a communication service imple mented in the network architecture of Figure 1 .

Figure 1 represents an example of a network architecture 1 adapted to sup port a communication service.

According to this example, the network architecture 1 comprises a plurality of layers, here six different layers. As visible in Figure 1 , the network architecture com prises a service layer 10, a virtual layer 20, a virtualization layer 30, a hardware layer 40, a network layer 50 and a management layer 60.

The service layer 10 is adapted to perform network services, for example a communication service.

The virtual layer 20 corresponds to the space allocated in the network archi tecture for the virtualized network functions (or VNF) which are instantiated in order to offer the associated service.

The virtualization layer 30 comprises virtualization technologies over which virtual network functions are instantiated. The virtualization technologies are for exam ple hypervisors or container infrastructure service instances (or CISI) which can host containers and virtual machines.

The hardware layer 40 comprises physical resources. For example, the hard ware layer 40 includes a central processor unit 41 , a storage unit 42 and a hypervisor 43 (which, for example, comprises an internal network).

The network layer 50 is adapted to provide the required connectivity and to address multi-tenancies and better capabilities to connect guests residing over differ ent hypervisors and different network slices.

The management layer 60 is adapted to provide orchestration and monitor ing capabilities for the service layer 10, the virtual layer 20, the virtualization layer 30, the network layer 40 and the hardware layer 50. The management layer 60 comprises monitoring tools that are adapted to harvest fault, configuration, accounting, perfor mance, security, and information (such as bandwidths, alarms, packet loss) that is required by the network architecture 1 .

As an alternative, the functionalities previously described can be imple mented in several modules that interact together. Each module may in this case im plement for instance functionalities generally attributed to a plurality of layers. In yet another embodiment, these modules may all cooperate to perform functionalities of a single layer.

A method for determining an isolation index of a configuration of a commu nication service in the network architecture according to the present invention is for example performed in another entity different from the network architecture 1 shown in Figure 1 , for example in a design system of the network architecture 1 . As an alter native, the network architecture 1 shown in Figure 1 and described previously can be suitable to execute the method for determining an isolation index of a configuration of a communication service in the network architecture.

Isolation refers to the degree of shared resource that could be tolerated by a credential service provider (or CSP). Specifically, to network slicing, the core idea is to prevent the deterioration on the performance and security of a network slice be cause of any change or influence of another network slice or its underlying supporting infrastructure. This ensures zero correlation between different slice and tenant oper ations. The isolation index refers to the degree of a resource to perform this separa tion.

In the present specification, a configuration of a communication service in the network architecture corresponds to a determined set of values of different param eters characterizing the communication service in the network architecture. For exam ple, this configuration of the communication service can result from a consumer re quest which specifies specific values of parameters characterizing the communication service. Here, parameters characterizing the communication service in the network architecture are organized by levels in the different layers previously described.

Each layer among the six previously described layers comprises several pa rameters called “attributes”. The different attributes in each layer thus correspond to the first level of organization. Each attribute refers to a feature or a property of the concerned layer.

As an example, here, the considered attributes of each layer are function, dissociation, security, traffic, specification, equipment provider, physical location.

The attribute “function” refers to the purpose of the associated layer, more particularly to the role the associated layer performs, the service it provides or the type of traffic of data it processes.

The attribute “dissociation” corresponds to an indicator about the affinity of the concerned layer to share a resource according to its service or its partitioning scheme. This attribute also aims at giving information about the performance that must be satisfied for the operation performed in the concerned layer.

The attribute “security” is adapted to provide information about the overall security objectives that are inherent to the concerned layer.

The attribute “traffic” refers to characteristics of the flow that is processed by the concerned layer.

The attribute “specification” is adapted to provide information about the na ture and characteristics of the equipment used to provide a specific service.

Each attribute is assessed by a plurality of metrics. In a general way, a metric is a standard of measurement that describes the conditions and the rules for perform ing a measurement of a property and for understanding the results of a measurement.

This plurality of metrics is organized in metric categories (which thus corre spond to groups of metrics that are related to each attribute). The association of met rics to the concerned metric category can be made by a direct mapping of by a ma chine learning approach.

As an example, here are some metric categories considered in the present network architecture:

- The metric category “access control” which contains metrics that meas ure the robustness of access control model,

- The metric category “accountability” which contains metrics that assess the requirement for actions of a layer to be traced uniquely to that layer,

- The metric category “affinity” which denotes the criteria by which a policy can enforce or deny the sharing of network, link and storage resources, as well as sharing the same physical location,

- The metric category “availability” which contains the metrics used for pro tection against deletion of data and unauthorized use of resources.

- The metric category “bandwidth” which contains metrics to measure the rate of data transfer, bit rate or throughput,

- The metric category “compliance” which contains metrics that measure agreement with regulations and standards,

- The metric category “confidentiality”, which contains metrics that permit to assess protection from intentional or accidental attempts to perform unauthorized data reads, data or information that is not made available or disclosed to unauthorized entities,

- The metric category “container/virtual machine function” which contains metrics to differentiate the functionality of a container or a virtual machine,

- The metric category “integrity” which contains metrics to demonstrate that data has not been altered at rest or in transit,

- The metric category “LCM” which contains metrics to evaluate the state of the LCM of an entity,

- The metric category “life expectancy” which measures the expected op erational duration of an entity,

- The metric category “location” which denotes where an entity is,

- The metric category “performance” which contains metrics to measure “the number and the speed type of requirements,

- The metric category “privacy” which contains metrics to analyze how in formation is handled, examine and evaluate protections and alternative processes for handling information to mitigate potential privacy risks,

- The metric category “protocol” which contains metrics to compare the dif ferent types of implementations of a service,

- The metric category “provider” which refers to ways to identify different types of providers of service or of equipment,

- The metric category “reliability” which contains metrics to measure the ability of an item to perform a required function under stated conditions for a stated period of time,

- The metric category “role” which contains metrics to denote the function of an entity, - The metric category “security level” which contains metrics to denote characteristics of traffic according to it confidentiality, integrity, availability and privacy requirements,

- The metric category “segmentation” which contains metrics to denote the differentiation of the technologies used to confine features of the entities, - The metric category “service type” which contains metrics that help to differentiate the service offering according to its characteristics,

- The metric category “traffic type” which contains metrics that help to dif ferentiate the traffic according to its nature or to whom it belongs, and

- The metric category “trust” which contains metrics that help to assess the reliance on the integrity, business, and compliance of an entity.

The following table gives examples of layers, attributes, metric categories and metrics that can be involved in the present invention.

The method for determining the isolation index of a configuration of a com munication service is based on some determined metrics as described in the following. Figure 2 shows an exemplary flowchart corresponding to a method for determining an isolation index of a configuration of a communication service implemented in the net work architecture 1 according to the invention.

As represented in Figure 2, the method comprises a step S2 of assigning to each possible metric value characterizing the communication service, an intermediate value estimating the contribution of the concerned metric to the isolation of the config uration of the communication system. In other words, each intermediate value charac terizes how the corresponding metric, when having the concerned metric value, con tributes to the isolation level of the concerned communication service.

In practice, the assignment of intermediate values to each associated metric value is performed using an automated method based for example on a machine learning approach. As an alternative, this assignment can be done by an operator associating intermediate values to each metric value.

In the present example, this step S2 is only performed once during the exe cution of the method whereas the following steps can be performed several times us ing the same assigned intermediate values. As an alternative, the step S2 can be performed each time the following steps are performed.

In the present embodiment, each intermediate value is included in a range of values varying between 0 and 1 . The value 0 means that the metric value contrib utes in a very low manner to the isolation level whereas the value 1 means that the metric value contributes in a very high manner to the isolation level.

As an example, the metric values associated to the metric “SST” are eMBB, mMTC and uRLL. The corresponding intermediate values are respectively 0.2, 0.5 and 0.8, meaning that the configuration eMBB contributes in a low way to the isolation level of the communication service contrary to the configuration uRLL which contributes in a higher way to the isolation level.

As another example, the metric values associated to the metric “Encryption” are None, SSL 128 bits and SSL 256 bits. The corresponding intermediate values are respectively 0, 0.5 and 0.9.

The method continues with a step S4 of determining a desired configuration of the communication service. This desired configuration is for example a consumer request. This consumer request is characterized by a plurality of metric values each associated with a corresponding metric of the corresponding configuration of the com munication service. An example of a consumer request can be in the following form {SST = eMBB; Throughput = 0,5 Gbps; Behavior = Medium; Encryption = SSL 128 bits}. The metrics involved here in this consumer request are SST, Throughput, Be havior and Encryption. The metric values associated to these metrics are respectively eMBB, 0,5 Gbps, Medium and SSL 128 bits. As represented in Figure 2, the method comprises a step S6 of converting each metric value characterizing the configuration of the communication service into the associated intermediate value. Regarding the previous example of the consumer request, and considering the assignment of step S2, the metric values {SST = eMBB; Throughput = 0,5 Gbps; Behavior = Medium; Encryption = SSL 128 bits} are respec tively converted in the following set of intermediate values {0.2; 0.3; 0.5; 0.5}.

These intermediate values associated with each metric are then used to de termine the isolation index of the configuration of the communication service.

More particularly, in the present example, for each layer 10, 20, 30, 40, 50, 60, a layer isolation value is calculated based on at least one intermediate value as sociated with a metric characterizing the concerned layer (step S8).

In practice, the step S8 of calculating the layer isolation value for each layer 10, 20, 30, 40, 50, 60 is based on a first weighted sum. This first weighted sum is based on a plurality of first weights. The sum of the plurality of first weights is equal to 1.

Each weight of the plurality of first weights is for example associated with one attribute. As another example, each weight of the plurality of first weights is asso ciated with one metric category.

As an example, the first weighted sum is calculated by multiplying one inter mediate value associated with the concerned metric and one of the first weights asso ciated with the corresponding metric in the concerned layer.

As an alternative, the step of S8 of calculating the layer isolation value for each layer is based on applying a nonlinear function to the intermediate value(s) as sociated with the metric(s) of the concerned layer. The nonlinear function is for exam ple an inverse variation function, a quadratic function or an exponential function.

Finally, at the end of the step S8, for each layer 10, 20, 30, 40, 50, 60, the corresponding layer isolation value is obtained.

As visible in Figure 2, the method then comprises a step S10 of determining the isolation index of the configuration of the communication service based on the calculated layer isolation values.

In practice, this step S10 of determining the isolation index is based for in stance on a second weighted sum. This second weighted sum is based on a plurality of second weights. The sum of the plurality of second weights is equal to 1 . Each weight of the plurality of second weights depends on a level of the as sociated layer in the network architecture.

The second weighted sum is calculated by multiplying one weight associated to one layer amongst the plurality of second weights and the layer isolation value cal- culated for the concerned layer.

As an alternative, the isolation index can be based on a basic sum of the layer isolation value calculated for each layer.

Considering the example of the consumer request previously introduced, the following table recaps the first weights associated with the different attributes, the sec- ond weights associated with the different layers and the corresponding intermediate values:

Based on the method previously described, the isolation index corresponding to this consumer request is calculated as follows: Isolation index = Weight[Layer_Ser- vice]*(Weight[Attribute_Function]*lntermediate_value_SST)+ Weight[Layer_Vir- tual]*(Weight[Attribute_Traffic]*lntermediate_value_Throughp ut)+ Weight[Layer_Vir- tual]*(Weight[Attribute_Security]*lntermediate_value_Behavio r)+ Weight[Layer_Virtu- alization] ^* (Weight[Attribute_Security] ^* lntermediate_value_SecLevel)+ Weight[Layer_Network]*(Weight[Attribute_Security]*lntermedia te_value_Encryption) = 0.05 ^* (0.2 ^* 0.1 )+0.2 ^* (0.3 ^* 0.2)+0.2 ^* (0.5 ^* 0.2)+0.2 ^* (0.5 ^* 0.2)+0.2 ^* (0.5 ^* 0.3) = 0.263.

This isolation index could be, for example, compared to another one associated with another one in order to identify the configuration of the communication service that provides the better isolation.

As an example, the determination of the isolation index can be used to select a configuration of a communication service in the network architecture.

Considering a plurality of possible configurations of the communication ser vice in the network architecture, the method of selecting comprises, for each of the plurality of configurations of the communication service, a step of determining the cor responding isolation index according to the method described previously.

The method of selecting then comprises a step of selecting the configuration of the communication service corresponding to an optimal isolation index. The optimal isolation index can correspond to the highest determined isolation index as the exam ple described previously, for example to ensure isolation qualities of the selected con figuration of the communication service. In other cases, the optimal isolation index can be based on another selection of a determined isolation index, depending on the way of determination of this isolation index.

Thanks to this method of selecting the configuration of the communication service, the customer can analyze how isolated the different configurations of the com munication service are, and if necessary, migrate a configuration of the communication service to another one in order to increase the isolation index.

As another example, the determination of the isolation index can be used to select the requirements of a configuration of the communication service in which the requirements of the request can be fulfilled according to the isolation requirements in the customer request.

Considering a plurality of requirements of the configuration of the communi cation service, the method of selecting the requirements comprises, for each require ment, a step of determining a corresponding isolation index according to the method described previously.

The method of selecting the requirement then comprises a step of selecting the requirements of the configuration of the communication service corresponding to an optimal isolation index. The optimal isolation index can correspond to the highest determined isolation index, for example to ensure isolation qualities of the selected requirements of the configuration of the communication service regarding the cus tomer request. In other cases, the optimal isolation index can correspond to the lowest determined isolation index.

Thanks to this method of selecting the requirement of the configuration of the communication service, the customer can make sure that the selected requirement complies with the consumer request.