	US 12,273,240 B2
	Method and apparatus for isolation support in network slicing
Zhiyuan Hu, Shanghai (CN); Jing Ping, Sichuan (CN); Iris Adam, Munich (DE); Duan Chen, Shanghai (CN); and Zhigang Luo, Shanghai (CN)
Assigned to NOKIA SOLUTIONS AND NETWORKS OY, Espoo (FI)
Appl. No. 18/004,926
Filed by Nokia Solutions and Networks Oy, Espoo (FI)
PCT Filed Jul. 15, 2020, PCT No. PCT/CN2020/102006 § 371(c)(1), (2) Date Jan. 10, 2023, PCT Pub. No. WO2022/011578, PCT Pub. Date Jan. 20, 2022.
Prior Publication US 2023/0362057 A1, Nov. 9, 2023
Int. Cl. H04L 41/0894 (2022.01); H04L 41/0895 (2022.01); H04L 41/0897 (2022.01); H04L 43/06 (2022.01); H04L 43/0876 (2022.01); H04L 43/20 (2022.01); H04W 24/02 (2009.01)

CPC H04L 41/0894 (2022.05) [H04L 41/0895 (2022.05); H04L 41/0897 (2022.05); H04L 43/06 (2013.01); H04L 43/0876 (2013.01); H04L 43/20 (2022.05); H04W 24/02 (2013.01)]

1 Claim

1. A transport network isolation control function apparatus comprising:

a processor; and

a memory configured to cause the apparatus to perform the function of:

receiving slice isolation policy for a network slice subnet (NSS) in a transport network (TN) domain;

mapping the slice isolation policy to network resource isolation policy and traffic isolation policy;

mapping the network resource isolation policy and the traffic isolation policy to network resource allocation policy and data traffic forward policy, respectively, wherein the network resource allocation policy and the data traffic forward policy are applied to create the TN NSS;

checking if the slice isolation policy for the TN NSS has a contradiction with other network slices or NSSs when the slice isolation policy is shared by the TN NSS and the other network slices or NSSs; and

updating the TN NSS with a new resource allocation policy and a new data traffic forward policy to remove the contradiction;

the network resource isolation policy includes the following attributes no isolation, physical network function isolation, logical network function isolation, physical network link isolation, and virtual network link isolation,

wherein:

the traffic isolation policy comprises attributes including: no isolation, service type isolation, data type isolation, video type isolation, and security protection level isolation,

the network resource allocation policy comprises attributes including: standard/undifferentiated isolation, dedicated hardware for transport network resources, dedicated software for transport network resources, and logical isolated virtual transport network resources, and

the data traffic forward policy comprises attributes including: standard/undifferentiated isolation, internet protocol security (IPsec) related rules, access control/filter rules, Differentiated Services Code Point (DSCP) rules, and forward rules in flow table.