- Multi-domain lightpath authorization, using tokens
- Future Generation Computer Systems
- Volume | Issue number
- 25 | 2
- Pages (from-to)
- Document type
- Faculty of Science (FNWI)
- Informatics Institute (IVI)
This paper highlights the concepts and results of our research, leading to demonstrations during the period 2005-2007 to develop a flexible and simple access control model, and corresponding support tools to provision multi-domain optical network resources on demand. We introduce the general network resources provisioning model that extends the Generic AAA Authorisation sequences for multi-domain scenarios, and explain how token based access control and policy enforcement can be used during the provisioned resource access. To build a solid conceptual foundation for the proposed token, based access control, the paper revisits existing token definition and proposes a new definition in the context of our research. We subsequently show the use of tokens during different stages of the lightpath provisioning process. The paper identifies and describes two major scenarios in multidomain lightpath provisioning: the chain and tree approaches. The proposed token concept allows a simple combination of access control enforcement at different networking layers: the packet layer, the path layer, and the service layer. We end with a brief description of a few demonstrations that proves the proposed concepts and illustrates its acceptance by a wider networking community.
- go to publisher's site
If you believe that digital publication of certain material infringes any of your rights or (privacy) interests, please let the Library know, stating your reasons. In case of a legitimate complaint, the Library will make the material inaccessible and/or remove it from the website. Please Ask the Library, or send a letter to: Library of the University of Amsterdam, Secretariat, Singel 425, 1012 WP Amsterdam, The Netherlands. You will be contacted as soon as possible.