Collection: A Cybertwin based cloud native network architecture

To build a future network, Peng Cheng Laboratory designed a new cloud native network architecture with core clouds and edge clouds - Cybertwin. The concept and mechanism of Cybertwin were proposed to tackle the challenges of mobility, security, and availability in cloud native network. The innovative research results of this project provide new development ideas and technical directions for future network design.

A Cybertwin based cloud native network architecture

In response to the requirements of the future network featured as the Internet of Everything, three-dimensional networking, and personalized network services, future network architecture design needs to tackle core challenges such as network scalability, mobility, availability, security, manageability, and economy. With the emergence of Cloud Computing, the Internet of Things, and other technologies, the Over The TOP (OTT) model of the traditional Internet is becoming increasingly overwhelmed, and transmission networks are difficult to adapt to the applications. In recent years, technologies such as Content Distribution Networks, Edge Computing, and Cloud-Network Convergence have developed rapidly to make up for the deficiencies of the OTT model. However, these remedies have not fundamentally changed the nature of the logical separation of the dual network.

Brain-inspired Network Academician Studio of the Department of Mathematics and Physics at Peng Cheng Laboratory proposed a new cloud native network architecture with core clouds and edge clouds to build a backbone network, and devices access the network by connecting to the edge clouds. The novel idea of the proposed architecture is the network of the cloud, for the cloud, and by the cloud. Specifically, the cloud native network is built by clouds instead of routers, so the network mainly solves the problems of cloud services. The main function of the network has changed from the original end-to-end transmission to the intelligent collaboration of the cloud-edge-end distributed system. In response to the challenges of mobility, security, and transmission reliability caused by multi-operators, multi-heterogeneous access, and multi-heterogeneous transmissions at the edge, we proposed a Cybertwin based cloud native network architecture.

[Cybertwin]

The concept of Cybertwin was one of Peng Cheng Laboratory's research achievements, which is a mobility agent, transmission agent, security agent, and data agent of human, machines and things in the cloud native network, which is also a kind of service instance deployed and run in the core and edge clouds. Cybertwin is the only entrance for each user to be online. The functions of Cybertwin are summarized as follows:

○ Security agent: When a user accesses the Internet, Cybertwin provides dynamic security authentication services, which solve many network security issues.

○ Transmission agent: Cybertwin negotiates the available resources flexibly with multi-operators based on user's personalized service requirements, which realizes the efficient configuration and flexible scheduling of the cloud-edge service resources and the edge-end transmission resources for supporting personalized Quality-of-Service (QoS) -aware applications.

○ Data agent: Users' behavioral data in physical space and cyberspace are recorded and stored by their own cybertwin so that users fully own their data and confirm their digital assets to protect personal privacy and control their own data rights.

[A Cybertwin based cloud native network security mechanism]

The Cybertwin based "Network Access with Real Name" method was proposed to meet the demand for safe and intelligent access to the networks for smart terminals of massive quantity. The introduction of Cybertwin as the agent for humans, machines and things in network access and the method of "Network Access with Real Name" based on Locator/Identifier Split enables the user identification for network access with Cybertwin. This research aims to solve both the insufficiency of addresses for the access of terminals of several hundred billion in quantity and various security problems caused by anonymous Internet access. With the increasing demand for cloud computing and mobile services, the boundary between the traditional Intranet and the Internet becomes increasingly blurred. This research proposed a Cybertwin based zero trust security mechanism for this situation. The Cybertwin of the user dynamically authenticates the identity of humans, machines and things of the user and controls their access through authorization to realize the Endogenous Safety and Security of the future network. A Cybertwin based user data storage method was also proposed with the adoption of the mechanism of splitting personal data from an application to protect effectively personal data assets and achieve the independent control of personal data.

[A Cybertwin based intelligent collaboration method among human, machines, and things]

The convergent theory of multi-heterogeneous resource based on Cybertwin was proposed. The deep convergence and micro-servicing of technologies, systems and services of core clouds, edge clouds and ends were designed, which in turn supports the efficient integration and flexible collaboration of diversified business services. A flexible service orchestration mechanism for network resources based on Cybertwin was proposed, and a method for users to obtain cloud native network services through the Cybertwin was designed to realize the Cybertwin according to the user's personalized QoS-aware applications requirements. The theory of scarcity in Economics was used for reference to complete resource scheduling according to market pricing principle. Based on the resource occupancy rate and dynamic prices of network resources, the user's Cybertwin negotiates for transaction of QoS against price with multiple telecommunications operators and network operators. Game equilibrium, reinforcement learning, and other methods can be used to maximize the utility of user's Cybertwin, multi-party operators and multi-party service providers, ensuring the service reliability of converged services and the flexibility of service collaboration under resource-constrained conditions.