Online service provisioning involves two main entities, i.e., cloud providers renting cloud resources to service providers. In this process, the service provider would like to minimize its costs, while the cloud providers seek ways to increase their profit. Novel container orchestration platforms like Kubernetes allow deploying services on the same physical or virtual (e.g., virtual machines) infrastructure while delivering both hard and soft resource isolation. When the soft resource isolation is allowed, guaranteed (or request) resources of one service can be used (if idle) by another one as limit resources, for short time intervals in a best-effort manner. The use of limit resources represents an extra font of revenue for the cloud provider to charge different service providers for the same resources. At the same time, soft isolation allows service providers to decrease the number of request resources and rely on more limit resources, paid only when accessed, reducing the overall resources needed. Therefore, soft resource isolation has potential benefits for both cloud and service providers. To enable these benefits, the price of limit resources should be carefully set by the cloud provider to generate, on one hand, extra profits and, on the other, be appealing to service providers. This paper proposes a framework for evaluating the pricing window for the limit resources under which it is possible to reduce the cost for service providers and increase the profits of cloud providers. Results in a sample simulated scenario show that by pricing limit resources within six to twelve times the request resources, cloud and service providers can achieve financial gains in the order of 10%-20%.

Existing container orchestration platforms provide frameworks capable of automatically scaling resources to evolving traffic conditions based on resource usage. Service providers rely on these automatic scaling capabilities to improve the traffic adaptability of their cloud native applications while reducing costs. However, this may lead to service degradation related to the delayed response to the traffic changes. Traditionally, Pod dimensioning has been performed considering guaranteed (or request) resources. Recently, container orchestration platforms included the possibility to allow Pods to use idle resources that can be withheld for a short period of time in a best-effort fashion (known as limit resources). This paper analyzes the potential of limit resources as a way to mitigate degradation while reducing the amount of request resources. Results for a sample case show that a strategy relying on limit resources achieves the same level of degradation as a conventional strategy that uses only request resources, while reducing requested CPU by 25%.

An exponential growth of bandwidth demand, spurred by emerging network services, often with diverse characteristics and stringent performance requirements, drive the need for more dynamic operation of optical networks, efficient use of spectral resources, and automation. Spectrum fragmentation is one of the main challenges of dynamic, resource-efficient Elastic Optical Networks (EONs). Fragmented, stranded spectrum slots lead to poor resource utilization and increase the blocking probability of incoming service requests. Conventional approaches for Spectrum Defragmentation (SD) apply various criteria to decide when, and which portion of the spectrum to defragment. However, these polices often address only a subset of tasks related to defragmentation, are not adaptable, and have limited automation potential. To address these issues, we propose DeepDefrag, a novel framework based on reinforcement learning that addresses the main aspects of the SD process: determining when to perform defragmentation, which connections to reconfigure, and which part of the spectrum to reallocate them to. DeepDefrag outperforms the well-known Oldest-First FirstFit (OF-FF) defragmentation heuristic, substantially reducing blocking probability and defragmentation overhead.

The ongoing evolution of optical networks towards autonomous systems supporting high-performance services beyond 5G requires advanced functionalities for automated security management. To cope with evolving threat landscape, security diagnostic approaches should be able to detect and identify the nature not only of existing attack techniques, but also those hitherto unknown or insufficiently represented. Machine Learning (ML)-based algorithms perform well when identifying known attack types, but cannot guarantee precise identification of unknown attacks. This makes Root Cause Analysis (RCA) crucial for enabling timely attack response when human intervention is unavoidable. We address these challenges by establishing an ML-based framework for security assessment and analyzing RCA alternatives for physical-layer attacks. We first scrutinize different Network Management System (NMS) architectures and the corresponding security assessment capabilities. We then investigate the applicability of supervised and unsupervised learning (SL and UL) approaches for RCA and propose a novel UL-based RCA algorithm called Distance-Based Root Cause Analysis (DB-RCA). The framework’s applicability and performance for autonomous optical network security management is validated on an experimental physical-layer security dataset, assessing the benefits and drawbacks of the SL- and UL-based RCA. Besides confirming that SL-based approaches can provide precise RCA output for known attack types upon training, we show that the proposed UL-based RCA approach offers meaningful insight into the anomalies caused by novel attack types, thus supporting the human security officers in advancing the physical-layer security diagnostics.