System and method for establishing secure communications between transceivers in undersea optical communication systems

US 8,750,707 B2
Filed: 04/13/2011
Issued: 06/10/2014
Est. Priority Date: 04/13/2011
Status: Expired due to Fees

First Claim

Patent Images

1. A method for secure communications between optical transceivers in an optical communication system, the method comprising:

formatting data traffic as a plurality of frames in a first optical transceiver, wherein overhead of at least one of the frames includes a secure passcode;

transmitting at least a first optical signal including the data traffic formatted as the plurality of frames from the first optical transceiver;

receiving the first optical signal at a second optical transceiver provisioned to receive the data traffic including the secure passcode and allowing the second optical signal transceiver to read the data traffic;

after the second optical transceiver stops receiving the first optical signal, receiving the first optical signal at a third optical transceiver that is not provisioned to receive the data traffic including the secure passcode; and

in response to determining that the third optical transceiver is not provisioned to receive the data traffic including the secure passcode, preventing the data traffic from being read from the third optical transceiver at least temporarily and provisionally inserting an alternative maintenance signal into a third optical signal transmitted by the third optical transceiver.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In general, a system and method provides secure communications between optical transceivers in an optical communication system. Two or more optical transceivers may be provisioned with one or more passcodes assigned to the transceivers, which may be used to indicate that received data traffic is intended for the transceivers. The transceivers may be configured to format data traffic with a secure version of the passcode in the overhead of the outbound signal and may be configured to determine if an inbound signal includes a secure version of the passcode provisioned in that transceiver. A transceiver may prevent data traffic from being read when the transceiver is not provisioned to receive data traffic with the embedded secure passcode and may insert an alternative maintenance signal (AMS) into an outbound signal in an opposite direction, at least temporarily, until the inbound signal includes the appropriate passcode.

Citations

16 Claims

1. A method for secure communications between optical transceivers in an optical communication system, the method comprising:
- formatting data traffic as a plurality of frames in a first optical transceiver, wherein overhead of at least one of the frames includes a secure passcode;
  
  transmitting at least a first optical signal including the data traffic formatted as the plurality of frames from the first optical transceiver;
  
  receiving the first optical signal at a second optical transceiver provisioned to receive the data traffic including the secure passcode and allowing the second optical signal transceiver to read the data traffic;
  
  after the second optical transceiver stops receiving the first optical signal, receiving the first optical signal at a third optical transceiver that is not provisioned to receive the data traffic including the secure passcode; and
  
  in response to determining that the third optical transceiver is not provisioned to receive the data traffic including the secure passcode, preventing the data traffic from being read from the third optical transceiver at least temporarily and provisionally inserting an alternative maintenance signal into a third optical signal transmitted by the third optical transceiver.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1 further comprising in response to receiving the alternative maintenance signal from the third optical transceiver, provisionally inserting a second alternative maintenance signal into the first optical signal instead of the data traffic.
  - 3. The method of claim 1 wherein the optical communication system includes an undersea branched optical network, and wherein the first optical signal is transmitted onto an optical path in the undersea branched optical network.
  - 4. The method of claim 3 wherein the first optical signal is redirected to the third optical transceiver by a branching unit in the branched optical network in response to detecting fault in at least a portion of the undersea branched optical network between the first optical transceiver and the second optical transceiver.
  - 5. The method of claim 1 wherein the optical communication system includes a point-to-point undersea optical communication system, and wherein the first optical signal is transmitted onto an optical path in the point-to-point undersea optical communication system.
  - 6. The method of claim 1 wherein the secure passcode includes a hash code obtained by applying a hash function to a passcode assigned to the first optical transceiver.

7. A method for securely receiving data traffic in an undersea optical communication system, the method comprising:
- receiving an inbound optical signal at an optical receiver, the inbound optical signal including inbound data traffic formatted as plurality of frames, wherein overhead of at least one of the frames includes a secure passcode;
  
  transmitting an outbound optical signal from an optical transmitter associated with the optical receiver, wherein the outbound optical signal includes outbound data traffic formatted as plurality of frames;
  
  determining if the optical receiver is provisioned to receive the inbound data traffic including the secure passcode;
  
  if the optical receiver is provisioned to receive the inbound data traffic including the secure passcode, reading the inbound data traffic and continuing to transmit the outbound optical signal including the outbound data traffic; and
  
  if the optical receiver is not provisioned to receive the inbound data traffic including the secure passcode, preventing the inbound data traffic from being read from the optical receiver at least temporarily and provisionally causing the outbound optical signal to include an alternative maintenance signal instead of the outbound data traffic.
- View Dependent Claims (8, 9)
- - 8. The method of claim 7 wherein the optical transmitter is configured to include a secure passcode in overhead of at least one of the frames of the outbound data traffic or the alternative maintenance signal.
  - 9. The method of claim 7 wherein the undersea optical communication system is an undersea branched optical network, and wherein the inbound optical signal has been redirected to the optical receiver in response to detecting a fault in at least a portion of the undersea branched optical network.

10. An optical communication system comprising:
- at least a first optical transceiver configured to format first data traffic as a plurality of frames, to include a secure passcode in overhead of at least one of the frames, and to transmit at least a first optical signal including the first data traffic formatted as the plurality of frames from the first optical transceiver;
  
  at least a second optical transceiver configured to receive the first optical signal and to determine if the second transceiver is provisioned to receive the first data traffic including the secure passcode, and if the second transceiver is provisioned to receive the first data traffic including the secure passcode, to read the first data traffic and to transmit a second optical signal including second data traffic to the first optical transceiver, and if the second transceiver is not provisioned to receive the first data traffic including the secure passcode, to prevent the first data traffic from being read from the second optical transceiver at least temporarily and to provisionally insert an alternative maintenance signal instead of the second data traffic in the second optical signal; and
  
  an optical path coupling the first and second optical transceivers and configured to carry optical signals transmitted between the optical transceivers.
- View Dependent Claims (11, 12, 13)
- - 11. The optical communication system of claim 10 further comprising:
    - at least one branching unit coupled to the optical path between the first and second optical transceivers, wherein the branching unit is configured to direct the first optical signal from the first optical transceiver to the second optical transceiver.
  - 12. The optical communication system of claim 11 wherein the branching unit is configured to direct the first optical signal from the first optical transceiver to the second optical transceiver in response to detecting a fault in at least a portion of the optical path.
  - 13. The optical communication system of claim 10 wherein the optical transceivers include trans-oceanic optical transceivers in a point-to-point optical communication system.

14. An apparatus comprising:
- an optical transmitter configured to format outbound data traffic as a plurality of frames, to include a secure passcode in overhead of at least one of the frames, and to transmit at least an optical signal including the outbound data traffic formatted as the plurality of frames; and
  
  an optical receiver configured to receive an inbound optical signal, the inbound optical signal including inbound data traffic formatted as a plurality of frames, wherein overhead of at least one of the frames includes a secure passcode, and configured to determine if the optical receiver is provisioned to receive the inbound data traffic including the secure passcode, and if the optical receiver is provisioned to receive the inbound data traffic including the secure passcode, to read the inbound data traffic and continue transmitting the outbound optical signal including the outbound data traffic, and if the optical receiver is not provisioned to receive the inbound data traffic including the secure passcode, to prevent the inbound data traffic from being read from the optical receiver at least temporarily and to provisionally insert an alternative maintenance signal into the transmitted optical signal instead of the outbound data traffic.

15. A method of establishing secure communications between optical transceivers in an undersea optical communication system, the method comprising:
- provisioning at least first and second optical transceivers with matching passcodes, wherein each of the first and second optical transceivers is configured to format data traffic as a plurality of frames, to include a secure version of the passcode in overhead of at least one of the frames, and to transmit at least an optical signal including the data traffic formatted as the plurality of frames, and wherein each of the first and second optical transceivers is configured to receive optical signals and to determine if the respective transceiver is provisioned to receive inbound data traffic including a secure passcode in data frames in the received optical signals, and if the respective transceiver is provisioned to receive the inbound data traffic including the secure passcode, to read the inbound data traffic and if the respective transceiver is not provisioned to receive the inbound data traffic including the secure passcode, to prevent the inbound data traffic from being read at least temporarily and to insert an alternative maintenance signal in the optical signal being transmitted; and
  
  deploying the first and second optical transceivers in the undersea optical communications system.
- View Dependent Claims (16)
- - 16. The method of claim 15 wherein the undersea optical communications system is an undersea branched optical network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SubCom, LLC
Original Assignee
Tyco Electronics Subsea Communications LLC (TE Connectivity Limited)
Inventors
Sabet, Sameh A., Liss, Jonathan M.
Primary Examiner(s)
Jacob, Oommen

Application Number

US13/086,364
Publication Number

US 20120263476A1
Time in Patent Office

1,154 Days
Field of Search

398/104, 380/263
US Class Current

398/104
CPC Class Codes

H04B 10/85   Protection from unauthorise...

H04J 14/02   Wavelength-division multipl...

H04J 14/021   Reconfigurable arrangements...

H04J 14/0212   using optical switches or w...

H04J 14/0273   using optical overhead, e.g...

H04J 14/028   WDM bus architectures

H04L 63/083   using passwords cryptograph...

H04L 63/1408   by monitoring network traff...

H04L 9/3226   using a predetermined code,...

H04L 9/3236   using cryptographic hash fu...

System and method for establishing secure communications between transceivers in undersea optical communication systems

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for establishing secure communications between transceivers in undersea optical communication systems

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links