Secure Microservice Communication in Optical Networks

As optical network functions increasingly adopt microservice architectures, traditional con- tainer security mechanisms are proving insufficient against sophisticated attacks targeting these critical infrastructure components. This paper introduces a novel framework for securing microser- vice communications in optical networks through the application of Memory Protection Keys (MPK) for enhanced container isolation. Converging containerization technologies with optical networking introduces unique security challenges, particularly in maintaining isolation between sensitive optical control functions while preserving the ultra-low latency requirements essential for network operations. The proposed approach leverages hardware-enforced memory isolation provided by Intel MPK to establish secure domains for optical control functions without sacrificing performance in latency-sensitive applications. The framework includes zero-copy communication protocols between isolated domains, runtime verification through eBPF-based monitoring, and hardware-assisted security mechanisms specifically designed for optical control plane operations. This work addresses the growing tension between security requirements and performance con- straints in software-defined optical networks, offering a balanced approach that improves container security while respecting the strict operational parameters of modern optical control systems.